Does it suggest fixes for identified vulnerabilities?

Yes, the skill generates reports highlighting findings which serve as a foundation for developing and implementing effective remediation strategies.

How does it help with security compliance?

It identifies configurations that deviate from security best practices, such as the Principle of Least Privilege, helping teams maintain compliance with internal and regulatory standards.

Is it limited to cloud environments?

No, while powerful for cloud IAM, it can also be used to review application-level access control lists and local permission structures within your codebase.

Can this skill audit AWS IAM policies?

Yes, it is specifically designed to analyze cloud IAM policies, including AWS, to identify overly permissive access and security violations.

Access Control Auditor

Name: Access Control Auditor
Author: jeremylongshore

byjeremylongshore

•

883

セキュリティとテスト

Audits access control implementations to identify vulnerabilities, misconfigurations, and privilege escalation risks in cloud and local environments.

概要

The Access Control Auditor skill provides Claude with the specialized ability to perform deep security reviews of access management systems. It analyzes IAM policies, network ACLs, and application-level permissions to identify security gaps such as overly permissive access or non-compliance with the principle of least privilege. This skill is essential for developers and security engineers looking to automate the detection of potential privilege escalation paths and ensure their infrastructure adheres to modern security best practices.

主な機能

Network ACL vulnerability and risk identification
Detection of potential privilege escalation pathways
Compliance auditing against security best practices
Comprehensive IAM policy analysis for cloud environments
Detailed security reporting with remediation context
883 GitHub stars

ユースケース

Assessing application-level permission logic during a security review
Reviewing cloud service accounts and IAM roles for overly broad permissions
Auditing VPC network ACLs to identify unauthorized exposure risks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills access-control-auditor

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要