detecting-aws-guardduty-findings-automation

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill's code and instructions are consistent with its stated purpose of cloud security automation. No malicious obfuscation, unauthorized exfiltration, or credential harvesting patterns were identified.
  • [COMMAND_EXECUTION]: The skill includes Python scripts (scripts/agent.py, scripts/process.py) and Lambda code snippets that leverage the boto3 library to perform administrative actions. These actions (such as modifying EC2 instance security groups, deactivating IAM access keys, and creating EBS snapshots) are documented remediation steps for responding to GuardDuty security findings.
  • [SAFE]: The skill processes external data in the form of AWS GuardDuty findings. Analysis of the ingestion surface shows that the code interacts with this data using structured API calls and standard logic. Capability inventory includes resource modification (EC2, IAM), but these are appropriately scoped to the findings' context and originate from a trusted service source.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 08:53 PM