Awscli

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly straightforward, but it can immediately start, stop, or reboot allowed AWS Lightsail instances using your AWS credentials.

Review before installing. Use a dedicated least-privilege IAM user or role, keep ALLOWED_INSTANCES narrow, and require explicit human approval in your workflow before any start, stop, or reboot action, especially for production resources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill exposes start, stop, and reboot operations for cloud instances without warning that these actions can interrupt production workloads, cause downtime, and disrupt dependent services. In an AWS infrastructure-management context, omission of safety guidance increases the chance of accidental destructive or availability-impacting use, especially if an agent invokes actions from ambiguous user input.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill exposes state-changing infrastructure operations (start, stop, reboot) with no user-facing confirmation, dry-run, or secondary authorization step. In an agent context, ambiguous prompts, prompt injection, or accidental invocation could cause real service disruption against allowed instances, making the lack of friction materially dangerous.

VirusTotal

66/66 vendors flagged this skill as clean.
