aws-iam-policy-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses shell commands like curl and grep in SKILL.md to discover and extract AWS-specific endpoints and S3 bucket identifiers from target data sources.
  • [COMMAND_EXECUTION]: Provides functional Python scripts in references/s3-attack-techniques.md and references/aws-resource-policy-exploits.md that use the boto3 library to interact with AWS APIs, including automated creation of temporary IAM roles and access keys for enumeration.
  • [EXTERNAL_DOWNLOADS]: Interacts with the external service webhook.site in references/aws-resource-policy-exploits.md to create temporary listener endpoints for validating out-of-band SNS notifications.
  • [PROMPT_INJECTION]: The skill is designed to process untrusted data such as IAM policy files, Lambda source code, and CloudFormation templates (Ingestion points: SKILL.md, references/aws-resource-policy-exploits.md). It lacks explicit delimiters or instructions to ignore embedded commands (Boundary markers: Absent). The agent is granted capabilities to execute shell commands and cloud APIs (Capability inventory: curl, aws-cli, boto3). No sanitization of analyzed content is specified (Sanitization: Absent). This creates an indirect prompt injection surface where instructions embedded in the analyzed data could attempt to influence agent behavior.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 10:08 AM