aws-price-csv

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a purpose-aligned AWS pricing CSV generator. The findings below are expected notes: the skill uses the local AWS CLI/IAM setup and downloads or caches public AWS pricing data.

Before installing, confirm you are comfortable running a local Python script that may use your AWS CLI profile in API mode or download large public AWS pricing files in bulk mode. Use a least-privilege AWS profile, choose a sensible cache/output path, and refresh cached data when accuracy matters.

SkillSpector

By NVIDIA

SkillSpector has not run for this release. Legacy ClawScan findings remain available under Risk analysis.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

If API mode is used, the script will run aws-cli on the user's machine and send the requested service, region, and filter values to AWS Pricing.

Why it was flagged

In API mode, the script invokes the local AWS CLI to fetch pricing. This is aligned with the skill's purpose and uses an argument list rather than shell execution, but it is still local tool execution and network access.

Skill content

cmd = ["aws", "pricing", "get-products", ...]
...
result = subprocess.run(cmd, capture_output=True, text=True)

Recommendation

Use a least-privilege AWS profile and review the input filters before running; use bulk mode if you do not want the script to use AWS CLI credentials.

ASI03: Identity and Privilege Abuse
Low
What this means

The script may use whichever AWS credentials are active in the user's CLI environment when API mode is selected.

Why it was flagged

The skill discloses that API mode relies on AWS IAM authorization. The requested action is purpose-aligned and read-only pricing access, but it still uses the user's configured AWS identity.

Skill content

**API mode** – requires `aws pricing get-products` permission and an internet connection.

Recommendation

Prefer an AWS profile limited to `pricing:GetProducts`, and verify the active AWS profile before running the script.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Bulk mode can consume network bandwidth and disk space, and generated quotes depend on the downloaded or cached pricing data.

Why it was flagged

Bulk mode downloads public pricing JSON from AWS and writes it to a local cache. This is disclosed and purpose-aligned, but users should understand the external data source and cache behavior.

Skill content

BULK_URL_TEMPLATE = "https://pricing.us-east-1.amazonaws.com/offers/v1.0/aws/{service}/current/{region}/index.json"
...
with urlopen(url) as resp, cache_path.open("wb") as fh:

Recommendation

Keep the cache in an expected directory, refresh it for important quotes, and verify that bulk files come from the documented AWS pricing endpoint.