The Agent Skills Directory

[SAFE]: The skill implements standard cryptographic best practices, including the use of AES-256-GCM for authenticated encryption and the inclusion of encryption context to prevent cipher text substitution.
[COMMAND_EXECUTION]: The provided Python scripts (agent.py and process.py) perform legitimate file and cryptographic operations. Shell execution is not used, and operations are limited to the user-provided input and output paths.
[DATA_EXFILTRATION]: Network activity is restricted to communication with official AWS KMS endpoints via the standard boto3 SDK. No unauthorized external connections or data exfiltration attempts were found.
[EXTERNAL_DOWNLOADS]: The skill references standard, well-known libraries (boto3 and cryptography) from official registries (PyPI). It does not perform any remote script execution or download code from untrusted sources.
[CREDENTIALS_UNSAFE]: No hardcoded credentials or API keys were found. The skill correctly instructs users to manage AWS credentials via standard environment variables or configuration files.

implementing-envelope-encryption-with-aws-kms