performing-cloud-incident-containment-procedures

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The automation script scripts/process.py generates shell command strings for cloud CLIs by interpolating values from an external JSON file (resource-json) directly into f-strings without sanitization or escaping.
      • Ingestion points: Data enters the script via the --resource-json CLI argument which parses an untrusted JSON file.
      • Boundary markers: No delimiters or isolation markers are used when interpolating the data into command templates.
      • Capability inventory: The script generates highly privileged commands for AWS IAM, EC2, S3, and Azure AD, which are intended to be executed in a shell environment.
      • Sanitization: The script lacks validation or shell-escaping for the interpolated fields, creating a potential command injection surface if the generated playbooks are executed by an administrator without review.
  • [DATA_EXFILTRATION]: The skill includes procedures for capturing system memory dumps (dd if=/dev/mem) via the AWS SSM agent. While this is a legitimate forensic preservation step for incident response, it involves the handling of highly sensitive data from volatile memory and requires high-level administrative permissions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 08:41 PM