Claims
Cloud security attack methodology covering AWS, Azure, and GCP. Includes credential harvesting, enumeration, privilege escalation, persistence, data exfiltration, lateral movement, serverless attacks, Kubernetes paths, and CSPM evasion.
Actual behavior
The skill acts as a static reference guide (manifest) containing documentation and shell command snippets for cloud offensive security. It lists specific tools (Pacu, ScoutSuite, etc.) and commands (aws sts, az account, curl) but does not execute them autonomously. It documents risks (SSRF, IMDSv2) and defenses (log validation, GuardDuty mute) rather than performing them.