Does it suggest fixes for identified vulnerabilities?

Yes, the skill generates reports highlighting findings which serve as a foundation for developing and implementing effective remediation strategies.

How does it help with security compliance?

It identifies configurations that deviate from security best practices, such as the Principle of Least Privilege, helping teams maintain compliance with internal and regulatory standards.

Is it limited to cloud environments?

No, while powerful for cloud IAM, it can also be used to review application-level access control lists and local permission structures within your codebase.

Can this skill audit AWS IAM policies?

Yes, it is specifically designed to analyze cloud IAM policies, including AWS, to identify overly permissive access and security violations.

Access Control Auditor

Name: Access Control Auditor
Author: jeremylongshore

byjeremylongshore

•

883

•

Security & Testing

Audits access control implementations to identify vulnerabilities, misconfigurations, and privilege escalation risks in cloud and local environments.

The Access Control Auditor skill provides Claude with the specialized ability to perform deep security reviews of access management systems. It analyzes IAM policies, network ACLs, and application-level permissions to identify security gaps such as overly permissive access or non-compliance with the principle of least privilege. This skill is essential for developers and security engineers looking to automate the detection of potential privilege escalation paths and ensure their infrastructure adheres to modern security best practices.

Key Features

01Network ACL vulnerability and risk identification

02Detection of potential privilege escalation pathways

03Compliance auditing against security best practices

04Comprehensive IAM policy analysis for cloud environments

05Detailed security reporting with remediation context

06883 GitHub stars

Use Cases

01Assessing application-level permission logic during a security review

02Reviewing cloud service accounts and IAM roles for overly broad permissions

03Auditing VPC network ACLs to identify unauthorized exposure risks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills access-control-auditor

For use in Claude.ai and ChatGPT

Download Skill

Key Features

01Network ACL vulnerability and risk identification

02Detection of potential privilege escalation pathways

03Compliance auditing against security best practices

04Comprehensive IAM policy analysis for cloud environments

05Detailed security reporting with remediation context

06883 GitHub stars

Use Cases

01Assessing application-level permission logic during a security review

02Reviewing cloud service accounts and IAM roles for overly broad permissions

03Auditing VPC network ACLs to identify unauthorized exposure risks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills access-control-auditor

For use in Claude.ai and ChatGPT

Download Skill