ai-infrastructure-agent

by sakthisundar-16

Overview

Manage AWS infrastructure using natural language commands with AI.

Installation

Run Command
docker run -d --name ai-infrastructure-agent \
  -p 8080:8080 \
  -v $(pwd)/config.yaml:/app/config.yaml:ro \
  -v $(pwd)/states:/app/states \
  -e OPENAI_API_KEY="your-openai-api-key-here" \
  -e AWS_ACCESS_KEY_ID="your-aws-access-key" \
  -e AWS_SECRET_ACCESS_KEY="your-aws-secret-key" \
  -e AWS_DEFAULT_REGION="us-west-2" \
  ghcr.io/versuscontrol/ai-infrastructure-agent

Environment Variables

  • OPENAI_API_KEY
  • GEMINI_API_KEY
  • ANTHROPIC_API_KEY
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_DEFAULT_REGION

Security Notes

CRITICAL: The web server's WebSocket handler (`pkg/api/server.go`) explicitly sets `upgrader.CheckOrigin: func(r *http.Request) bool { return true }` and the `corsMiddleware` sets `Access-Control-Allow-Origin: *`. This means the web UI is vulnerable to Cross-Site Request Forgery (CSRF) and Cross-Origin Attacks if exposed publicly in production without modification. IAM permissions provided in the example (`ec2:*`, `vpc:*`, etc.) are broad, granting extensive control over AWS resources. This high level of access, combined with potential web UI vulnerabilities and the LLM's susceptibility to prompt injection, presents significant risks if not managed with extreme care. While the documentation correctly advises using environment variables for API keys and `dry_run` is enabled by default, the default web server configuration makes it unsafe for general deployment without immediate security hardening.
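One way to replace the two permissive settings the note describes, as an added example that is not the project's own code: an origin allowlist that serves both as the upgrader's CheckOrigin hook and as the source of the CORS header, built only on the Go standard library. `upgrader.CheckOrigin` and `corsMiddleware` are the page's names; the `allowlist` type, its methods and the origins used are assumptions for this example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// allowlist holds the trusted origins as lower-cased "scheme://host[:port]"
// keys. It replaces the page's CheckOrigin that returns true for every Origin.
type allowlist map[string]bool

// Allows matches scheme and host of an Origin header value exactly;
// malformed values and the literal "null" are rejected, not trusted.
func (a allowlist) Allows(origin string) bool {
	u, err := url.Parse(origin)
	if err != nil || u.Scheme == "" || u.Host == "" {
		return false
	}
	return a[strings.ToLower(u.Scheme+"://"+u.Host)]
}

// CheckOrigin has the upgrader.CheckOrigin signature. A missing Origin passes:
// browsers always send one on WebSocket handshakes, so its absence means a
// non-browser client (our design choice; the page does not specify this).
func (a allowlist) CheckOrigin(r *http.Request) bool {
	origin := r.Header.Get("Origin")
	return origin == "" || a.Allows(origin)
}

// CORSHeaders replaces "Access-Control-Allow-Origin: *": the request origin
// is echoed only when allowlisted, with Vary so caches keep responses apart.
func (a allowlist) CORSHeaders(origin string) http.Header {
	h := http.Header{}
	if a.Allows(origin) {
		h.Set("Access-Control-Allow-Origin", origin)
		h.Set("Vary", "Origin")
	}
	return h
}

func main() {
	// Constructed origins for the demo, not a real deployment.
	a := allowlist{"https://agent.internal.example": true}
	for _, o := range []string{"https://agent.internal.example", "https://other.example", "null"} {
		fmt.Printf("%-32s allowed=%v cors=%q\n", o, a.Allows(o), a.CORSHeaders(o).Get("Access-Control-Allow-Origin"))
	}
}
```

The allowlist itself does not fix the broad IAM grants or prompt-injection exposure the note also raises; it only closes the browser-side cross-origin path.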

Stats

Interest Score: 30
Security Score: 4
Cost Class: Medium
Avg Tokens: 4000
Stars: 1
Forks: 1
Last Update: 2026-01-19

Tags

AI Agent, AWS, Infrastructure-as-Code, DevOps, Cloud Management