implementing-security-chaos-engineering

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes high-risk changes to AWS account configuration; each experiment below weakens a security control rather than testing one read-only.
    • scripts/agent.py: The experiment_open_security_group function grants unrestricted inbound SSH (TCP/22 from 0.0.0.0/0) on a security group via ec2.authorize_security_group_ingress.
    • scripts/agent.py: The experiment_create_admin_user function creates a new IAM user and attaches the AdministratorAccess managed policy.
    • scripts/agent.py: The experiment_stop_cloudtrail function stops logging on AWS CloudTrail trails, which can blind security monitoring for as long as the trail stays stopped.
  • [EXTERNAL_DOWNLOADS]: The skill uses boto3, the AWS SDK for Python, to interact with cloud services.
    • scripts/agent.py: Imports and uses the boto3 Python package to execute the API calls that manipulate resources and verify monitoring.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt-injection surface through unsanitized data ingestion (Category 8).
    • Ingestion points: The command-line arguments --sg-id, --trail-name, and --profile in scripts/agent.py select which AWS resources and which credentials an experiment targets.
    • Boundary markers: The processing logic contains no boundary markers and no instruction to ignore embedded commands.
    • Capability inventory: The skill can modify security groups, IAM users, policies, and CloudTrail logging status across an AWS account.
    • Sanitization: No input validation or sanitization is performed on the resource identifiers before they are passed to AWS API calls.
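The sanitization finding is the one a practitioner can close directly. The block below is an added example and is not code from the skill's scripts/agent.py: it validates the three CLI ingestion points named above (--sg-id, --trail-name, --profile) against AWS's documented identifier formats, and refuses any --profile that is not on an explicit sandbox allow-list, before any boto3 call would be made. Assumptions (not stated on the page): the skill parses these flags with argparse; the profile name chaos-sandbox and every sample value are constructed for the example; plain trail names are accepted and trail ARNs are not.

```python
"""Validate agent.py's CLI targets before they reach AWS API calls.

Added example, not the skill's own code. The regexes encode AWS's documented
identifier constraints; the profile allow-list and sample inputs are constructed.
"""
import argparse
import re
import sys

# EC2 security group ID: "sg-" followed by 8 (legacy) or 17 hex characters.
SG_ID_RE = re.compile(r"^sg-(?:[0-9a-f]{8}|[0-9a-f]{17})$")

# CloudTrail trail name: 3-128 characters from [A-Za-z0-9._-], starting and
# ending with a letter or digit, and with no two adjacent separators.
# Trail ARNs are deliberately not accepted here (assumption for this example).
TRAIL_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{1,126}[A-Za-z0-9]$")
TRAIL_ADJACENT_SEPARATORS_RE = re.compile(r"[._-]{2}")

# Profile name: conservative character set. Syntax alone is not enough for a
# destructive experiment, so the name must also be on an explicit allow-list
# of sandbox profiles. "chaos-sandbox" is a constructed example value.
PROFILE_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")
ALLOWED_PROFILES = frozenset({"chaos-sandbox"})


def check_targets(sg_id, trail_name, profile, allowed_profiles=ALLOWED_PROFILES):
    """Return a list of validation errors; empty means every target is acceptable.

    All three inputs are checked so the operator sees every problem at once.
    """
    errors = []
    if not SG_ID_RE.fullmatch(sg_id):
        errors.append(f"--sg-id {sg_id!r} is not an EC2 security group ID")
    if not TRAIL_NAME_RE.fullmatch(trail_name) or TRAIL_ADJACENT_SEPARATORS_RE.search(trail_name):
        errors.append(f"--trail-name {trail_name!r} violates CloudTrail trail naming rules")
    if not PROFILE_RE.fullmatch(profile):
        errors.append(f"--profile {profile!r} contains characters not allowed in a profile name")
    elif profile not in allowed_profiles:
        errors.append(f"--profile {profile!r} is not an allow-listed sandbox profile")
    return errors


def parse_args(argv, allowed_profiles=ALLOWED_PROFILES):
    """Parse the three flags the audit names and reject bad values before use.

    Exits with status 2 (argparse's convention) when any value is rejected, so
    no boto3 session is ever created for an unvalidated target.
    """
    parser = argparse.ArgumentParser(
        prog="agent.py",
        description="Security chaos experiments (validated targets only)",
    )
    parser.add_argument("--sg-id", required=True, help="security group to modify")
    parser.add_argument("--trail-name", required=True, help="CloudTrail trail to stop")
    parser.add_argument("--profile", required=True, help="allow-listed sandbox AWS profile")
    ns = parser.parse_args(argv)

    errors = check_targets(ns.sg_id, ns.trail_name, ns.profile, allowed_profiles)
    if errors:
        parser.error("; ".join(errors))
    return ns


if __name__ == "__main__":
    # Constructed sample invocation; real runs pass sys.argv[1:].
    args = parse_args(sys.argv[1:] or [
        "--sg-id", "sg-0123456789abcdef0",
        "--trail-name", "chaos-sandbox-trail",
        "--profile", "chaos-sandbox",
    ])
    print(f"validated targets: {args.sg_id} {args.trail_name} {args.profile}")
```

The format checks stop shell-metacharacter and path-style payloads from reaching the API calls, but for experiments that open 0.0.0.0/0, mint an administrator and stop CloudTrail, the allow-list on --profile is the control that actually bounds the blast radius: a syntactically valid production profile name is rejected just as firmly as a malformed one.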
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 06:26 PM