Awscli
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill is a straightforward AWS Lightsail control wrapper, but users should notice that it can use configured AWS credentials to start, stop, or reboot cloud instances.
Install only if you intend this agent to manage AWS Lightsail instances. Configure a dedicated least-privilege AWS IAM role or user, set AWS_REGION and ALLOWED_INSTANCES carefully, and require explicit confirmation before stopping, starting, or rebooting instances.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked on the wrong instance, the skill could cause downtime or restart a service.
The skill can invoke AWS CLI lifecycle operations such as stop, start, and reboot. This matches the stated purpose and is scoped by action handling and instance validation, but these operations can interrupt cloud services.
case "stop":
  await runAws([
    "lightsail",
    "stop-instance",
Use a least-privilege IAM role, set ALLOWED_INSTANCES narrowly, and require explicit user approval before start/stop/reboot actions in the surrounding agent workflow.
The skill's real authority depends on the AWS credential profile available on the host, which may have broader permissions than needed.
The skill depends on the user's configured AWS identity. This is expected for AWS management, but the effective permissions are whatever the local AWS CLI credentials allow.
- AWS credentials configured (IAM user or role)
Use a dedicated IAM user or role limited to the required Lightsail actions and intended region/instances.
Users may not realize from the registry metadata alone that the skill needs AWS CLI configuration and AWS account access.
Registry metadata under-declares requirements that SKILL.md and the code rely on, including the AWS CLI, AWS_REGION, ALLOWED_INSTANCES, and AWS credentials. This is a disclosure/setup gap rather than hidden behavior.
Required binaries (all must exist): none; Required env vars: none; Primary credential: none
Before installing, confirm the host has AWS CLI configured intentionally and set AWS_REGION and ALLOWED_INSTANCES explicitly.
