AWS Infra
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: aws-infra Version: 1.0.0 The skill bundle is designed for AWS CLI interaction, providing read-only queries and requiring explicit user confirmation for any write or destructive actions. The `SKILL.md` file contains strong safety rules explicitly instructing the agent to default to read-only, require confirmation for changes, prefer dry-runs, and never reveal or log secrets, actively mitigating prompt injection risks. The `references/aws-cli-queries.md` file lists standard AWS CLI commands, including write actions clearly marked as requiring confirmation. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The assistant may query AWS resources using whatever permissions are available in the selected local AWS profile.
The skill intentionally uses the local AWS CLI profile/configuration, which can grant access to sensitive AWS account resources. This is disclosed and purpose-aligned, but users should notice the privilege boundary.
Otherwise use `AWS_PROFILE` / `AWS_REGION` if set, then fall back to `~/.aws/config`.
Use a dedicated least-privileged or read-only AWS profile where possible, specify the intended profile and region, and verify the identity with sts get-caller-identity before relying on results.
If a user confirms a write command, the assistant could help change, scale, delete, or modify AWS resources according to the local profile’s permissions.
The skill can guide AWS CLI operations that mutate cloud resources, but it explicitly requires confirmation and prefers dry-run/planning before such actions.
Only propose or run write/destructive actions after explicit user confirmation.
Review every proposed command, region, account, and resource identifier before confirming; prefer dry-run options and limited-permission roles.
Users relying only on metadata may not realize the skill expects local AWS CLI configuration and AWS account access.
The registry metadata does not declare the AWS CLI or AWS profile/environment usage described in SKILL.md. This is an under-declared setup/credential contract, not hidden code execution.
Required binaries (all must exist): none ... Env var declarations: none ... Primary credential: none
Treat AWS CLI and AWS profile access as prerequisites even though they are not declared in metadata, and configure a constrained profile before use.