performing-cloud-forensics-with-aws-cloudtrail

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a valid utility for performing cloud forensic investigations. It follows standard workflows for incident response and AWS log analysis.
  • [DATA_EXPOSURE]: The script accesses CloudTrail events which contain sensitive metadata about AWS account activity. This access is restricted to official AWS APIs via boto3 and is necessary for the skill's primary purpose of forensic reconstruction.
  • [COMMAND_EXECUTION]: The investigation script (scripts/agent.py) uses structured argument parsing and official SDK methods. It does not use subprocesses, shell commands, or dynamic code execution functions like eval() or exec().
  • [EXTERNAL_DOWNLOADS]: The skill depends on the standard boto3 Python package. It does not perform any unauthorized remote code downloads or execute scripts from external repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 08:41 PM