← Back to Skills Marketplace

Tagging Auditor

Name: Tagging Auditor
Author: anmolnagpal

by Anmol Nagpal · GitHub ↗ · v1.0.0

cross-platform ✓ Security Clean

313

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install tagging-auditor

Description

Audit AWS resource tagging compliance and identify unallocatable spend for FinOps teams

Usage Guidance

This skill is instruction-only and coherent for tagging audits, but before using it: 1) Run the suggested AWS CLI/console exports locally under a least-privilege, read-only role (the policy shown is appropriate). 2) Carefully review any JSON/CSV you plan to paste into the chat — never include access keys, secret keys, or other credentials. 3) If you prefer, upload exports to a private location and share only the minimized data necessary for analysis (resource IDs, tags, and cost figures) rather than full raw files. 4) If you are unsure whether an export contains sensitive info, open it in a local editor and redact anything sensitive before sharing. Following these steps keeps your account credentials and high-sensitivity details safe while still allowing the skill to analyze tagging and spend coverage.

Capability Analysis

Type: OpenClaw Skill Name: tagging-auditor Version: 1.0.0 The skill bundle is benign. The `SKILL.md` explicitly states that it is 'instruction-only' and 'does not execute any AWS CLI commands or access your AWS account directly.' It also instructs the agent to 'Never ask for credentials, access keys, or secret keys.' While the agent has `bash` capabilities, these strong guardrails prevent its misuse for unauthorized AWS access or data exfiltration. The purpose of auditing AWS tagging compliance based on user-provided data is clearly aligned with the instructions, and there is no evidence of malicious intent or prompt injection attempts.

Capability Assessment

✓ Purpose & Capability

Name/description (AWS tagging and identifying unallocatable spend) matches the SKILL.md: it asks for tag exports, Cost Explorer/ CUR data, and produces tagging scores, coverage tables, AWS Config rules, SCP snippets, and remediation CLI commands. No unrelated capabilities, binaries, or credentials are requested.

✓ Instruction Scope

The runtime instructions are focused on receiving user-provided AWS exports (Resource Groups Tagging API JSON, Cost Explorer CSV/ CUR outputs) and analyzing them. The SKILL.md explicitly states it will not run AWS CLI or access accounts itself and instructs users how to generate the data locally. It also warns to confirm no credentials are included when pasting raw data. There is a small user risk if they accidentally paste sensitive secrets in provided data, but the instructions acknowledge and attempt to mitigate that.

✓ Install Mechanism

No install spec and no code files — this is instruction-only. Nothing will be written to disk or downloaded by the skill, which minimizes install-related risk.

✓ Credentials

The skill requests no environment variables, no credentials, and no config paths. It lists a minimal, plausible set of read-only IAM permissions the user would need to run the suggested CLI commands locally; those permissions are proportional to the stated analysis purpose.

✓ Persistence & Privilege

The skill is not always-enabled and is user-invocable. It does not request persistent system presence or modify other skills or agent-wide settings. Autonomous invocation is allowed by default but not combined with any other broad privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install tagging-auditor
After installation, invoke the skill by name or use /tagging-auditor
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

aws-tagging-auditor 1.0.0 – Initial release - Provides instructions for auditing AWS resource tagging and cost allocation compliance for FinOps teams. - Guides users to export & supply data via AWS CLI or console (never asks for credentials). - Outputs: tagging compliance score, spend coverage, untagged resource ranking, AWS Config rules, remediation plan. - Flags inconsistent tag values and alerts if Cost Allocation Tags are not activated. - Includes minimum necessary IAM permissions and data privacy checks. - Instruction-only: does not access AWS directly or run commands; user supplies data for analysis.

Metadata

Slug tagging-auditor

Version 1.0.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Tagging Auditor?

Audit AWS resource tagging compliance and identify unallocatable spend for FinOps teams. It is an AI Agent Skill for Claude Code / OpenClaw, with 313 downloads so far.

How do I install Tagging Auditor?

Run "/install tagging-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Tagging Auditor free?

Yes, Tagging Auditor is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Tagging Auditor support?

Tagging Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Tagging Auditor?

It is built and maintained by Anmol Nagpal (@anmolnagpal); the current version is v1.0.0.

More Skills