← 返回 Skills 市场

Idle Resource Detector

Name: Idle Resource Detector
Author: anmolnagpal

作者 Anmol Nagpal · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

299

总下载

当前安装

版本数

在 OpenClaw 中安装

/install idle-resource-detector

功能描述

Detect AWS idle and zombie resources consuming cost with zero meaningful utilization

使用说明 (SKILL.md)

AWS Idle & Zombie Resource Detector

You are an AWS resource hygiene expert. Scan for resources consuming cost with no business value.

Detection Targets

Stopped EC2 instances still charging for attached EBS volumes
Unattached EBS volumes (no instance attachment)
Unused Elastic IP addresses (not associated with running instance)
Idle load balancers (0 active connections for 7+ days)
Empty or near-empty S3 buckets with no recent access
Idle RDS instances (\x3C 1% CPU over 7 days)
Orphaned snapshots older than 90 days
Unused NAT Gateways (0 bytes processed)

Output Format

Waste Summary: total estimated monthly waste in $
Resource Table: resource ID, type, region, estimated monthly cost, last active
Cleanup Priority: ranked by cost impact (High/Medium/Low)
Runbook: step-by-step cleanup commands per resource type
Safe Deletion Checklist: flags for resources needing human confirmation

Rules

Never suggest deleting resources without a confirmation flag
Flag resources with names containing "prod", "production", "critical" for manual review
Always include the AWS CLI command for each cleanup action
Add estimated annual savings at the end

安全使用建议

This skill's instructions clearly rely on the AWS CLI and live AWS credentials, but the package metadata doesn't declare those requirements — that's a warning sign. Before installing or running it: (1) Verify where the agent will obtain AWS credentials (environment, ~/.aws, instance profile) and avoid giving high-privilege keys; prefer a read-only or least-privilege role. (2) Require an explicit confirmation flag and human review before any delete command is executed; test the skill in a non-production account first. (3) Ask the publisher to update metadata to list required binaries (aws), required env vars or config paths, and to document the exact IAM permissions needed (read-only vs. deletion). (4) If you cannot confirm the confirmation enforcement or credential handling, do not run this against production accounts or keys. Absence of code/scan findings is expected for an instruction-only skill and does not imply safety.

功能分析

Type: OpenClaw Skill Name: idle-resource-detector Version: 1.0.0 The skill bundle defines an AWS idle resource detector. The `_meta.json` contains standard metadata. The `SKILL.md` instructs the AI agent to identify idle AWS resources and generate AWS CLI cleanup commands. While the agent is enabled to use `bash` and generate commands, this is consistent with its stated purpose of providing cleanup actions. The instructions also include safety rules like requiring confirmation flags for deletion and flagging critical resources. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection designed to subvert the agent for harmful purposes within the skill bundle itself.

能力评估

⚠ Purpose & Capability

The skill's stated purpose is to scan AWS resources and produce AWS CLI cleanup commands, but the registry metadata declares no required binaries (aws CLI), no environment variables, and no config paths. To perform its task it legitimately needs AWS CLI access and AWS credentials/role — these are missing from the declared requirements.

⚠ Instruction Scope

SKILL.md explicitly requires inclusion of AWS CLI commands and step-by-step cleanup actions and lists many resource types to inspect. That implies the agent will read AWS account state (via CLI/API) and may present deletion commands. The document does state 'Never suggest deleting resources without a confirmation flag' and to flag prod/critical names, but it gives broad discretion to run discovery and produce potentially destructive commands without specifying how credentials are obtained or how the confirmation flow is enforced.

✓ Install Mechanism

Instruction-only skill with no install spec poses low installation risk (no archives or external code downloads).

⚠ Credentials

No environment variables or primary credential are declared, yet the skill needs AWS credentials (AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY or instance/profile credentials) and the aws CLI binary. This mismatch could lead the agent to use existing host credentials (e.g., ~/.aws, environment, or instance profile) without explicit user awareness. Required privileges (read-only vs. delete) are not specified.

✓ Persistence & Privilege

always:false and no claims of modifying other skills or system-wide settings. The skill does not request permanent presence or elevated platform privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install idle-resource-detector
安装完成后，直接呼叫该 Skill 的名称或使用 /idle-resource-detector 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of AWS Idle & Zombie Resource Detector. - Detects various idle AWS resources, including stopped EC2s with attached EBS, unattached EBS volumes, unused Elastic IPs, idle load balancers, nearly empty S3 buckets, idle RDS, old orphaned snapshots, and unused NAT Gateways. - Provides a clear waste summary and estimated monthly waste. - Outputs a detailed resource table (ID, type, region, cost, last active). - Ranks resources by cleanup priority (High/Medium/Low) based on cost impact. - Supplies step-by-step runbooks and AWS CLI cleanup commands. - Flags critical resources and enforces confirmation requirements for safe deletions. - Calculates and displays estimated annual savings for identified idle resources.

元数据

Slug idle-resource-detector

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题