This article details how attackers can misuse AWS CLI aliases to stealthily maintain persistence in cloud environments. It explains the mechanics of creating malicious aliases that preserve normal command functionality while executing harmful actions, such as credential exfiltration. A proof of concept demonstrates the technique in action.

Matchlock is a command-line tool that runs AI agents in isolated microVMs, ensuring your secrets never enter the virtual machine. It allows for network allowlisting and secret injection, providing a full Linux environment while keeping your main system safe. You can manage sandboxes easily and integrate it with Go and Python SDKs.

Fence is a tool that wraps commands in a sandbox, blocking network access by default and allowing configurable filesystem restrictions. It's useful for executing semi-trusted code safely, making it ideal for package installations and CI jobs. The tool also integrates with various coding agents to enhance security.