AWS Alert Handler
Pass. Audited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill
Name: aws-alert-handler
Version: 0.1.1
The aws-alert-handler skill is a legitimate utility designed to normalize various AWS alert formats (Security Hub ASFF, Inspector v2, and CloudWatch alarms) into a consistent JSON schema. The shell scripts (parse-alert.sh, parse-asff.sh, etc.) use jq for safe JSON processing and include logic for unwrapping SNS envelopes and filtering out routine operational noise. There is no evidence of malicious intent, data exfiltration, or unauthorized execution; the documentation even includes proactive security advice regarding SNS signature verification and webhook spoofing risks.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the normalized payload is posted to chat or passed to another skill, sensitive details from the original alert may be exposed.
The skill intentionally carries the full original alert into the normalized output, which may include account IDs, resource identifiers, descriptions, or other sensitive alert context.
`raw` — the original payload, preserved ... If alerts may contain sensitive data, strip `raw` before posting anywhere visible.
Keep the `raw` field for private triage only, strip it before posting to public or broad chat channels, and treat alert text as untrusted data: finding titles, descriptions and resource names are set by whoever controls the account, so they can carry attacker-chosen strings and should not be allowed to steer an agent's next action.
A spoofed webhook request could create fake AWS alerts and trigger unnecessary agent activity or downstream triage.
The optional webhook path can route external HTTP payloads into an agent turn, and the documentation discloses that direct SNS signature verification is not performed by OpenClaw.
SNS HTTPS delivery does NOT carry your bearer token by default ... OpenClaw does not verify ... Anyone who knows your webhook URL and token can POST AWS-looking JSON.
Use a high-entropy bearer token, restrict the endpoint, and for production prefer the documented Lambda, reverse-proxy, or EventBridge API destination pattern that verifies or injects authentication.
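As an added example, not part of the skill or of this report, the following Python shows the structural checks a verifying front door (the documented Lambda or reverse-proxy pattern) would run before handing a message to OpenClaw. The header name, topic allow-list, sample message and token value are constructed; the `Signature` value is a placeholder. It stops at the point where the RSA signature over the SNS canonical string must be checked against the downloaded certificate, which needs the network and a crypto library. Two behaviours are worth noticing: a direct SNS delivery carries no `Authorization` header and is rejected by the token check (which is why the docs recommend injecting the token in front of OpenClaw), and a spoofer who knows the token passes every check except the cryptographic one, which is why the signature must actually be verified.

```python
import hmac
import json
import re
from urllib.parse import urlparse

# Constructed sample: an SNS Notification as delivered over HTTPS.
# Signature is a placeholder, not a real RSA signature.
SNS_MSG = {
    "Type": "Notification",
    "MessageId": "00000000-0000-0000-0000-000000000001",
    "TopicArn": "arn:aws:sns:us-east-1:123456789012:alerts",
    "Subject": "ALARM: cpu-high",
    "Message": "cpu-high is in ALARM",
    "Timestamp": "2026-05-06T12:00:00.000Z",
    "SignatureVersion": "1",
    "Signature": "cGxhY2Vob2xkZXI=",
    "SigningCertURL": "https://sns.us-east-1.amazonaws.com/SimpleNotificationService-abc123.pem",
}
SNS_BODY = json.dumps(SNS_MSG)
# Constructed spoof: same message, but the certificate URL points at a look-alike host.
SPOOFED_BAD_CERT_BODY = SNS_BODY.replace(
    "https://sns.us-east-1.amazonaws.com/", "https://sns.us-east-1.amazonaws.com.evil.example/"
)
ALLOWED_TOPICS = {"arn:aws:sns:us-east-1:123456789012:alerts"}  # assumed allow-list
EXPECTED_TOKEN = "a-strong-shared-secret"  # the doc's placeholder; use a real high-entropy value


def token_ok(auth_header, expected):
    """Constant-time check of `Authorization: Bearer <token>` (header name assumed)."""
    if not auth_header or not auth_header.startswith("Bearer "):
        return False
    return hmac.compare_digest(auth_header[len("Bearer "):].encode(), expected.encode())


_CERT_HOST = re.compile(r"^sns\.[a-z0-9-]+\.amazonaws\.com(\.cn)?$")


def signing_cert_url_ok(url):
    """Only accept certificate URLs on an SNS endpoint over HTTPS, so an attacker
    cannot point the verifier at a certificate they control."""
    u = urlparse(url)
    return u.scheme == "https" and bool(_CERT_HOST.match(u.netloc)) and u.path.endswith(".pem")


# Fields SNS signs, in order, per message type. Subject is only included when present.
_SIGNED_FIELDS = {
    "Notification": ("Message", "MessageId", "Subject", "Timestamp", "TopicArn", "Type"),
    "SubscriptionConfirmation": ("Message", "MessageId", "SubscribeURL", "Timestamp", "Token", "TopicArn", "Type"),
    "UnsubscribeConfirmation": ("Message", "MessageId", "SubscribeURL", "Timestamp", "Token", "TopicArn", "Type"),
}


def canonical_string(msg):
    """The exact byte string SNS signs: "Key\\nValue\\n" for each signed field."""
    parts = []
    for field in _SIGNED_FIELDS[msg["Type"]]:
        if field == "Subject" and field not in msg:
            continue
        parts.append(f"{field}\n{msg[field]}\n")
    return "".join(parts)


def gate(headers, body, expected_token, allowed_topics):
    """Return (accept, reason). Structural checks that precede RSA verification."""
    if not token_ok(headers.get("Authorization"), expected_token):
        return False, "bad bearer token"
    try:
        msg = json.loads(body)
    except json.JSONDecodeError:
        return False, "body is not JSON"
    if msg.get("Type") not in _SIGNED_FIELDS:
        return False, "unknown SNS message type"
    if msg.get("TopicArn") not in allowed_topics:
        return False, "topic not allow-listed"
    if msg.get("SignatureVersion") not in ("1", "2"):
        return False, "unsupported SignatureVersion"
    if not signing_cert_url_ok(msg.get("SigningCertURL", "")):
        return False, "SigningCertURL is not an SNS endpoint"
    # Remaining step, needing the fetched certificate and an RSA library: verify
    # base64(msg["Signature"]) over canonical_string(msg), SHA1 for v1 or SHA256 for v2.
    return True, "structurally valid; RSA signature still to be verified"


if __name__ == "__main__":
    print(gate({}, SNS_BODY, EXPECTED_TOKEN, ALLOWED_TOPICS))  # direct SNS delivery: no token
    print(gate({"Authorization": "Bearer " + EXPECTED_TOKEN}, SPOOFED_BAD_CERT_BODY, EXPECTED_TOKEN, ALLOWED_TOPICS))
```

Run in front of OpenClaw, the gate turns the documented weakness into a layered check: the token keeps random internet traffic out, the allow-list and certificate-URL rules reject careless spoofs, and the signature verification that follows is the only step a determined spoofer cannot pass.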
If one of the skipped alarm-name patterns is meaningful in your environment, a real operational signal could be ignored.
The skill deliberately suppresses downstream handling for known non-incident CloudWatch alarm patterns.
On exit 10, drop the event: do not invoke downstream handling, do not post to chat.
Review the documented noise-filter patterns before production use, and fork or adjust the filter if your organization relies on any of those alarm names.
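To make the normalization flow, the preserved `raw` field and the exit-10 noise filter concrete, here is an added Python re-implementation of that flow. The skill itself uses bash and jq, so this is not its code; the output field names other than `raw`, the severity mapping, the two noise patterns and the two sample alerts are constructed for the example. It goes one step beyond the documented behaviour by adding a keep-list that overrides the noise filter, which is one way to act on the caveat above without forking the filter.

```python
import json
import re
from typing import Iterable

EXIT_DROP = 10  # the skill's documented "drop the event" exit status

# Constructed sample: a CloudWatch alarm wrapped in an SNS envelope.
SNS_WRAPPED_ALARM = json.dumps({
    "Type": "Notification",
    "MessageId": "00000000-0000-0000-0000-000000000000",
    "TopicArn": "arn:aws:sns:us-east-1:123456789012:alerts",
    "Message": json.dumps({
        "AlarmName": "TargetTracking-asg-web-AlarmHigh-1a2b3c",
        "NewStateValue": "ALARM",
        "NewStateReason": "Threshold Crossed: 1 datapoint above 70.0",
        "AWSAccountId": "123456789012",
    }),
})

# Constructed sample: a bare Security Hub ASFF finding, no envelope.
ASFF_FINDING = json.dumps({
    "SchemaVersion": "2018-10-08",
    "Id": "arn:aws:securityhub:us-east-1:123456789012:finding/abc",
    "Title": "S3 bucket allows public read",
    "Description": "Bucket public-data is publicly readable",
    "Severity": {"Label": "HIGH"},
    "AwsAccountId": "123456789012",
    "Resources": [{"Type": "AwsS3Bucket", "Id": "arn:aws:s3:::public-data"}],
})

# Assumed noise patterns, standing in for the skill's documented list.
NOISE_PATTERNS = (r"^TargetTracking-", r"-flap-")


def unwrap_sns(text: str) -> dict:
    """If the payload is an SNS Notification envelope, return the inner Message
    (itself JSON); otherwise return the payload unchanged."""
    obj = json.loads(text)
    if isinstance(obj, dict) and obj.get("Type") == "Notification" and isinstance(obj.get("Message"), str):
        try:
            return json.loads(obj["Message"])
        except json.JSONDecodeError:
            return {"text": obj["Message"]}
    return obj


def normalize(text: str) -> dict:
    """Map a CloudWatch alarm or ASFF finding onto one schema. The original
    alert is carried through in `raw`, exactly as the skill documents."""
    alert = unwrap_sns(text)
    if "AlarmName" in alert:
        out = {
            "source": "cloudwatch_alarm",
            "title": alert["AlarmName"],
            "severity": "HIGH" if alert.get("NewStateValue") == "ALARM" else "INFORMATIONAL",
            "account": alert.get("AWSAccountId"),
            "resources": [],
            "detail": alert.get("NewStateReason", ""),
        }
    elif "SchemaVersion" in alert and "Resources" in alert:
        out = {
            "source": "security_hub_asff",
            "title": alert.get("Title", ""),
            "severity": alert.get("Severity", {}).get("Label", "INFORMATIONAL"),
            "account": alert.get("AwsAccountId"),
            "resources": [r.get("Id") for r in alert["Resources"]],
            "detail": alert.get("Description", ""),
        }
    else:
        out = {"source": "unknown", "title": "", "severity": "INFORMATIONAL",
               "account": None, "resources": [], "detail": ""}
    out["raw"] = alert
    return out


def triage_exit(normalized: dict, noise: Iterable[str], keep: Iterable[str] = ()) -> int:
    """0 = hand to downstream handling; EXIT_DROP = drop silently.
    Only alarm names are filtered; a keep pattern overrides any noise pattern."""
    if normalized["source"] != "cloudwatch_alarm":
        return 0
    name = normalized["title"]
    if any(re.search(p, name) for p in keep):
        return 0
    return EXIT_DROP if any(re.search(p, name) for p in noise) else 0


def for_chat(normalized: dict) -> dict:
    """Copy with `raw` removed: what may be posted to a broad audience."""
    return {k: v for k, v in normalized.items() if k != "raw"}


if __name__ == "__main__":
    alarm = normalize(SNS_WRAPPED_ALARM)
    print(triage_exit(alarm, NOISE_PATTERNS), json.dumps(for_chat(alarm), indent=2))
```

The two-list design keeps the skill's intent (routine autoscaling alarms never reach the agent) while letting a team that does depend on one of those names pin it back in with a single keep pattern rather than editing the filter itself.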
The skill may fail at runtime on systems without jq even though installation metadata does not warn about it.
The runtime dependency on jq is explicit in the script, while the supplied registry requirements declare no required binaries.
if ! command -v jq >/dev/null 2>&1; then ... jq is required but not installed
Install jq before use, and the publisher should declare jq in the skill requirements.
Users deploying the webhook path must protect the hook token and grant only the AWS permission needed to subscribe the endpoint.
The optional webhook setup requires a shared hook secret and AWS SNS subscription permission, although the local parser scripts themselves do not access credentials.
token: "a-strong-shared-secret" ... You need `sns:Subscribe` on the topic.
Use least-privilege AWS permissions, rotate and store the hook token securely, and avoid embedding real secrets in shared configuration examples.
