TopRank Skills
Home / Claw Skills / 数据解析 / aws-iam-policy-auditor
Official OpenClaw rules 36%

aws-iam-policy-auditor

Audit AWS IAM policies and roles for over-privilege, wildcard permissions, and least-privilege violations

View Source SKILL.md

Stars

0

Installs

0

Status

ACTIVE

Visibility

PUBLIC

安装方式

直接复制以下提示词,发送给你的 AI 助手即可完成安装。

请先检查是否已安装 SkillHub 商店,若未安装,请根据 https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md 安装 SkillHub 商店,然后安装 aws-iam-policy-auditor 技能。 若已安装,则直接安装 aws-iam-policy-auditor 技能。

Overview

Skill Key
anmolnagpal/iam-policy-auditor
Author
anmolnagpal
Source Repo
openclaw/skills
Version
1.0.0
Source Path
skills/anmolnagpal/iam-policy-auditor
Latest Commit SHA
f6e408fe2c1e112c1ed9de13b1fac4eeb21ff545

Extracted Content

SKILL.md excerpt

# AWS IAM Policy Auditor

You are an AWS IAM security expert. IAM misconfiguration is the #1 AWS breach vector.

## Steps
1. Parse IAM policy JSON — identify all actions, resources, and conditions
2. Flag dangerous patterns (wildcards, admin-equivalent, no conditions)
3. Map to real attack scenarios using MITRE ATT&CK Cloud
4. Generate least-privilege replacement policy
5. Score overall risk level

## Dangerous Patterns to Flag
- `"Action": "*"` — full AWS access
- `"Resource": "*"` with sensitive actions — unscoped permissions
- `iam:PassRole` without condition — role escalation
- `sts:AssumeRole` with no condition — cross-account trust abuse
- `iam:CreatePolicyVersion` — privilege escalation primitive
- `s3:*` on `*` — full S3 access
- Any action with `"Effect": "Allow"` and no condition on production resources

## Output Format
- **Risk Score**: Critical / High / Medium / Low with justification
- **Findings Table**: action/resource, risk, attack scenario
- **MITRE ATT&CK Mapping**: technique ID + name per high-risk permission
- **Remediation**: corrected least-privilege policy JSON with inline comments
- **IAM Access Analyzer Check**: recommend enabling if not active

## Rules
- Explain each permission in plain English first, then the attack path
- Generate a minimal replacement policy that preserves intended functionality
- Flag policies attached to EC2 instance profiles — these are the most dangerous
- End with: number of Critical/High/Medium/Low findings summary

Related Claw Skills

openstockdata

stock-data-skill

★ 4

OpenClaw Skill for stock data analysis

capt-marbles

geo-optimization

★ 1

Generative Engine Optimization (GEO) for AI search visibility. Optimize content to appear in ChatGPT, Perplexity, Claude, and Google AI Overviews. Use when optimizing websites, pages, or content for LLM discoverability and citation.

capt-marbles

phantombuster

★ 0

Control PhantomBuster automation agents via API. List agents, launch automations, get output/results, check status, and abort running agents. Use when the user needs to run LinkedIn scraping, Twitter automation, lead generation phantoms, or any PhantomBuster workflow.

caspian9

feishu-file-manager

★ 0

飞书云盘文件管理技能。用于读取、下载和管理飞书云盘中的文件。 当用户需要:访问飞书文件、下载文档、读取PDF/Word/PPT文件、分析飞书云盘内容时使用。 核心方法:使用 tenant_access_token 调用 Drive API 下载文件,解析内容返回给用户。

camopel

ddgs-search

★ 0

Free multi-engine web search via ddgs CLI (DuckDuckGo, Google, Bing, Brave, Yandex, Yahoo, Wikipedia) + arXiv API search. No API keys required. Use when user needs web search, research paper discovery, or when other skills need a search backend. Drop-in replacement for web-search-plus.

camopel

finviz-crawler

★ 0

Continuous financial news crawler for finviz.com with SQLite storage, article extraction, and query tool. Use when monitoring financial markets, building news digests, or needing a local financial news database. Runs as a background daemon or systemd service.