Overview
- Skill Key
- anmolnagpal/iam-policy-auditor
- Author
- anmolnagpal
- Source Repo
- openclaw/skills
- Version
- 1.0.0
- Source Path
- skills/anmolnagpal/iam-policy-auditor
- Latest Commit SHA
- f6e408fe2c1e112c1ed9de13b1fac4eeb21ff545
Official OpenClaw
rules
36%
aws-iam-policy-auditor
Audit AWS IAM policies and roles for over-privilege, wildcard permissions, and least-privilege violations
Stars
0
Installs
0
Status
ACTIVE
Visibility
PUBLIC
安装方式
直接复制以下提示词,发送给你的 AI 助手即可完成安装。
请先检查是否已安装 SkillHub 商店,若未安装,请根据 https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md 安装 SkillHub 商店,然后安装 aws-iam-policy-auditor 技能。 若已安装,则直接安装 aws-iam-policy-auditor 技能。
Extracted Content
SKILL.md excerpt
# AWS IAM Policy Auditor You are an AWS IAM security expert. IAM misconfiguration is the #1 AWS breach vector. ## Steps 1. Parse IAM policy JSON — identify all actions, resources, and conditions 2. Flag dangerous patterns (wildcards, admin-equivalent, no conditions) 3. Map to real attack scenarios using MITRE ATT&CK Cloud 4. Generate least-privilege replacement policy 5. Score overall risk level ## Dangerous Patterns to Flag - `"Action": "*"` — full AWS access - `"Resource": "*"` with sensitive actions — unscoped permissions - `iam:PassRole` without condition — role escalation - `sts:AssumeRole` with no condition — cross-account trust abuse - `iam:CreatePolicyVersion` — privilege escalation primitive - `s3:*` on `*` — full S3 access - Any action with `"Effect": "Allow"` and no condition on production resources ## Output Format - **Risk Score**: Critical / High / Medium / Low with justification - **Findings Table**: action/resource, risk, attack scenario - **MITRE ATT&CK Mapping**: technique ID + name per high-risk permission - **Remediation**: corrected least-privilege policy JSON with inline comments - **IAM Access Analyzer Check**: recommend enabling if not active ## Rules - Explain each permission in plain English first, then the attack path - Generate a minimal replacement policy that preserves intended functionality - Flag policies attached to EC2 instance profiles — these are the most dangerous - End with: number of Critical/High/Medium/Low findings summary
Related Claw Skills
openstockdata
stock-data-skill
OpenClaw Skill for stock data analysis
capt-marbles
geo-optimization
Generative Engine Optimization (GEO) for AI search visibility. Optimize content to appear in ChatGPT, Perplexity, Claude, and Google AI Overviews. Use when optimizing websites, pages, or content for LLM discoverability and citation.
capt-marbles
phantombuster
Control PhantomBuster automation agents via API. List agents, launch automations, get output/results, check status, and abort running agents. Use when the user needs to run LinkedIn scraping, Twitter automation, lead generation phantoms, or any PhantomBuster workflow.
caspian9
feishu-file-manager
飞书云盘文件管理技能。用于读取、下载和管理飞书云盘中的文件。 当用户需要:访问飞书文件、下载文档、读取PDF/Word/PPT文件、分析飞书云盘内容时使用。 核心方法:使用 tenant_access_token 调用 Drive API 下载文件,解析内容返回给用户。
camopel
ddgs-search
Free multi-engine web search via ddgs CLI (DuckDuckGo, Google, Bing, Brave, Yandex, Yahoo, Wikipedia) + arXiv API search. No API keys required. Use when user needs web search, research paper discovery, or when other skills need a search backend. Drop-in replacement for web-search-plus.
camopel
finviz-crawler
Continuous financial news crawler for finviz.com with SQLite storage, article extraction, and query tool. Use when monitoring financial markets, building news digests, or needing a local financial news database. Runs as a background daemon or systemd service.