← 返回 Skills 市场
anmolnagpal

S3 Exposure Auditor

作者 Anmol Nagpal · GitHub ↗ · v1.0.0
cross-platform ✓ 安全检测通过
313
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install s3-exposure-auditor
功能描述
Identify publicly accessible S3 buckets, dangerous ACLs, and misconfigured bucket policies
安全使用建议
This skill is instruction-only and appears coherent with its purpose, but take these precautions before using it: never paste AWS access keys or secrets—only paste the CLI/console outputs the skill requests; review and redact any account-sensitive information if needed (account IDs, ARNs, internal hostnames); treat the skill's policy/SCP recommendations as guidance only—have an AWS admin validate and test them in a non-production account first; note the SKILL.md contains a possibly incorrect SCP example—clarify that with the author or your security team before applying; if you prefer, run the CLI commands yourself, redact outputs, and then paste sanitized results for analysis.
功能分析
Type: OpenClaw Skill Name: s3-exposure-auditor Version: 1.0.0 The skill is designed as an AWS S3 security auditor, explicitly stating it is 'instruction-only' and 'does not execute any AWS CLI commands or access your AWS account directly.' It instructs the AI agent to analyze user-provided data and generate security recommendations, explicitly forbidding the agent from asking for credentials or processing user input containing them. While 'bash' is listed as a tool, the skill's instructions actively prevent its use for execution, indicating a clear benign intent aligned with its stated purpose.
能力评估
Purpose & Capability
The name/description map to the instructions: the skill asks users to provide S3-related CLI output (bucket lists, ACLs, policies, public-access-block, Security Hub findings) and then performs analysis. It requests no environment variables, binaries, or installs, which is proportionate for an instruction-only auditor.
Instruction Scope
Overall the runtime instructions stay within scope: they ask for explicit AWS CLI/console output and provide clear read-only permission guidance. A few minor issues to review before trusting recommendations: the suggested SCP phrasing ('deny s3:PutBucketPublicAccessBlock false') is unclear/misspecified and should be validated by an AWS admin; the skill recommends actions (SCPs, AWS Config rules, hardened policies) that a human should review before applying. The SKILL.md does instruct the user to confirm pasted data contains no credentials, which is good practice.
Install Mechanism
No install spec and no code files—this is instruction-only, so nothing will be downloaded or executed by the platform. Lowest-risk install profile.
Credentials
The skill requests no environment variables or credentials (and explicitly says not to request them). However, the required CLI outputs can contain sensitive identifiers (account IDs, ARNs, resource names) and potentially pasted policy documents—users should sanitize outputs and remove any incidental secrets before pasting. The quantity of requested data (multiple bucket policies, ACLs, Security Hub findings) is reasonable for the task.
Persistence & Privilege
The skill is not always-enabled, does not request persistent presence, and has no install-time hooks. It does not modify other skills or system settings on its own.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install s3-exposure-auditor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /s3-exposure-auditor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of aws-s3-exposure-auditor: audit exported S3 bucket data for exposure risks. - Identifies publicly accessible buckets, dangerous ACLs, misconfigured policies, and missing preventive controls. - Guides users to gather required CLI outputs; no credentials or AWS access is requested. - Reports critical issues, risk levels, and sensitivity estimates, with recommendations and hardened bucket policies. - Strongly recommends enabling account-level S3 Block Public Access and highlights buckets without encryption.
元数据
Slug s3-exposure-auditor
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

S3 Exposure Auditor 是什么?

Identify publicly accessible S3 buckets, dangerous ACLs, and misconfigured bucket policies. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 313 次。

如何安装 S3 Exposure Auditor?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install s3-exposure-auditor」即可一键安装,无需额外配置。

S3 Exposure Auditor 是免费的吗?

是的,S3 Exposure Auditor 完全免费(开源免费),可自由下载、安装和使用。

S3 Exposure Auditor 支持哪些平台?

S3 Exposure Auditor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 S3 Exposure Auditor?

由 Anmol Nagpal(@anmolnagpal)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论