What types of systems can this skill audit?

This skill can audit cloud IAM policies (such as AWS), network access control lists (ACLs), and application-specific permission configurations.

Can this skill fix the security issues it finds?

The primary function is auditing and reporting; however, Claude can use the generated findings to suggest specific remediation steps and policy improvements.

How does the skill identify security vulnerabilities?

It utilizes the access-control-auditor plugin to scan configurations for overly permissive rules, misconfigured access rights, and known privilege escalation patterns.

Is this skill suitable for regulatory compliance audits?

Yes, it is specifically designed to help ensure that access management configurations align with organizational security policies and regulatory requirements.

Access Control Security Auditor

Name: Access Control Security Auditor
Author: jeremylongshore

byjeremylongshore

•

883

보안 및 테스팅

Audits IAM policies, ACLs, and system permissions to identify security vulnerabilities and ensure compliance.

소개

The Access Control Security Auditor skill enables Claude to perform comprehensive reviews of access management configurations across cloud environments, infrastructure, and applications. By leveraging the access-control-auditor plugin, it identifies overly permissive IAM policies, misconfigured network ACLs, and potential privilege escalation paths, helping teams maintain a robust security posture and strictly adhere to the principle of least privilege.

주요 기능

Privilege escalation path detection
Automated IAM policy analysis for cloud providers
Detailed reporting of access control misconfigurations
Network ACL vulnerability and risk identification
Security best practices compliance verification
883 GitHub stars

사용 사례

Auditing AWS IAM policies for overly broad or non-compliant permissions
Assessing application-level user rights to identify security risks
Reviewing VPC network ACLs to prevent unauthorized network access

소개

주요 기능

Privilege escalation path detection
Automated IAM policy analysis for cloud providers
Detailed reporting of access control misconfigurations
Network ACL vulnerability and risk identification
Security best practices compliance verification
883 GitHub stars

사용 사례

Auditing AWS IAM policies for overly broad or non-compliant permissions
Assessing application-level user rights to identify security risks
Reviewing VPC network ACLs to prevent unauthorized network access