How does this skill handle AWS credentials?

It provides strict guidelines and code patterns to prevent hardcoding Access Keys and Secret Keys, favoring session-based authentication and environment variables.

Can it help prevent SQL Injection?

Yes, it includes specific checklists and best practices for safe database queries, particularly for DuckDB and subprocess usage in CLI tools.

Does it support automated scanning tools?

Yes, it provides configuration and command examples for Bandit, safety, and pip-audit to automate security and dependency checks.

What types of input does it validate?

It includes regex and logic patterns for validating AWS Account IDs, Region strings, and Amazon Resource Names (ARNs) to ensure data integrity.

AWS Security Reviewer

Name: AWS Security Reviewer
Author: expeor

byexpeor

Security & Testing

Conducts comprehensive security audits and provides best practice guidelines for AWS automation scripts and Python projects.

About

The AWS Security Reviewer skill provides a structured framework for auditing cloud-based Python code, focusing on credential safety, rigorous input validation for AWS resources, and the prevention of sensitive data leaks in logs. It integrates industry-standard tools like Bandit and safety checks, ensuring that developers maintain high security standards throughout the development lifecycle of cloud automation tools and CLI applications.

Key Features

Standardized input validation for AWS Account IDs, Regions, and ARNs
AWS credential safety checks to prevent hardcoded Access Keys and Secret Keys
Static analysis integration with Bandit and dependency auditing tools
0 GitHub stars
Comprehensive vulnerability checklists covering injection, IAM, and data protection
Sensitive information logging prevention and masking guidelines

Use Cases

Implementing standardized validation patterns for cloud resource identifiers
Reviewing AWS automation scripts before deployment to prevent credential leaks
Conducting periodic security audits of Python-based infrastructure as code

About

Key Features

Standardized input validation for AWS Account IDs, Regions, and ARNs
AWS credential safety checks to prevent hardcoded Access Keys and Secret Keys
Static analysis integration with Bandit and dependency auditing tools
0 GitHub stars
Comprehensive vulnerability checklists covering injection, IAM, and data protection
Sensitive information logging prevention and masking guidelines

Use Cases

Implementing standardized validation patterns for cloud resource identifiers
Reviewing AWS automation scripts before deployment to prevent credential leaks
Conducting periodic security audits of Python-based infrastructure as code