conducting-cloud-incident-response

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script automates incident response by executing AWS CLI commands via the subprocess.run function. The implementation correctly uses argument lists to pass parameters, which prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill documentation lists the AWS CLI and the requests Python package as dependencies. These are standard, reputable tools required for interacting with cloud provider APIs.
  • [DATA_EXFILTRATION]: The skill processes sensitive information, including CloudTrail logs and resource metadata, to generate an incident report. This data is stored locally in cloud_ir_report.json and is not transmitted to any external or unauthorized domains.
  • [PROMPT_INJECTION]: The skill ingests external data from cloud audit logs for analysis. While this introduces an indirect prompt injection surface (where logs could contain malicious instructions), the risk is mitigated by the script's structured JSON parsing and the restricted nature of the IR workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:46 PM