Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cloud Misconfig Scanner

Automated security scanner for identifying and reporting misconfigurations across cloud infrastructure providers.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to scan cloud providers and its request shape explicitly requires provider credentials, which is consistent with the described purpose. However, the SKILL.md references external endpoints (toolweb.in and api.mkkpro.com) and the package metadata gives no trustworthy owner/homepage; the documentation does not clearly state where submitted credentials will be transmitted or stored.
Instruction Scope
The instructions present an API surface that expects raw cloud credentials in the request body and include sample secrets. They do not limit or advise how credentials should be scoped (e.g., read-only, short-lived), nor do they describe data handling, retention, or where scans run. The doc effectively instructs the agent to send sensitive credentials to remote services without safeguards or explicit consent language.
Install Mechanism
No install spec and no code files — this is instruction-only, so nothing is written to disk on install. That lowers local execution risk. The primary risk comes from network calls to external APIs described in the documentation.
Credentials
Although the skill does not require environment variables from the agent, it requires the user to supply cloud credentials in API requests. That is proportionate to an external scanner, but the skill lacks guidance to use least-privilege or temporary credentials, and it does not declare a primary credential or any handling/retention policy for sensitive secrets — increasing the risk of credential exposure.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or modify other skills. Autonomous invocation is allowed (platform default), which is expected for a callable skill but should be considered when combined with the credential-handling issues.
What to consider before installing
This skill appears to be a thin wrapper for a third‑party cloud scanning API. Before using it:

1) Do not paste long‑lived root or admin keys — use short‑lived, least‑privilege credentials (temporary STS tokens or an explicitly scoped read‑only account).
2) Verify the vendor (toolweb.in / api.mkkpro.com): check TLS, privacy/security policies, data retention, and whether they support ephemeral credentials.
3) Prefer scanning a non‑production/test account first and rotate any credentials used.
4) If you cannot verify the provider, consider self‑hosted or in‑account scanners (open-source tools or running scans from within your environment) to avoid sending sensitive credentials to unknown external services.


Current version: v1.0.0


SKILL.md

Overview

The Cloud Misconfiguration Scanner is a security-focused API that analyzes cloud infrastructure configurations to identify potential security risks, compliance violations, and operational misconfigurations. It connects to major cloud providers and performs comprehensive audits of your cloud environment without requiring direct infrastructure changes.

This tool is essential for security teams, DevOps engineers, and cloud architects who need continuous visibility into their cloud security posture. By automating configuration scanning, it reduces the time and effort required for manual security assessments while providing detailed, actionable remediation guidance. The scanner integrates seamlessly with multi-cloud environments and supports automated compliance reporting workflows.

Ideal users include organizations managing infrastructure across AWS, Azure, Google Cloud, or hybrid cloud environments; security and compliance teams performing regular audits; and enterprises implementing Infrastructure-as-Code (IaC) security practices.

Usage

Sample Request:

{
  "provider": "aws",
  "credentials": {
    "access_key_id": "AKIAIOSFODNN7EXAMPLE",
    "secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    "region": "us-east-1"
  }
}
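
The scan notes above advise against pasting long-lived keys into this request. The following pre-flight check is an added example, not part of the skill or the vendor's API: it inspects a request body of the shape shown above before it leaves the host and produces a redacted copy for audit logs. The function names and the `session_token` field are assumptions; the page documents no field for temporary credentials.

```python
import copy

# Documented AWS access key ID prefixes (IAM unique identifiers):
# AKIA = long-term access key, ASIA = temporary key issued by STS.
LONG_TERM_PREFIX = "AKIA"
TEMPORARY_PREFIX = "ASIA"
SECRET_FIELDS = {"secret_access_key", "session_token"}

def check_scan_request(body):
    """Return the reasons this request should not be sent (empty list = ok)."""
    if body.get("provider") != "aws":
        # Only the AWS credential shape appears on the page.
        return ["provider %r not covered by this guard" % body.get("provider")]
    creds = body.get("credentials") or {}
    problems = []
    key_id = creds.get("access_key_id", "")
    if key_id.startswith(LONG_TERM_PREFIX):
        problems.append("long-term access key (AKIA...): use temporary STS credentials")
    elif key_id.startswith(TEMPORARY_PREFIX):
        # 'session_token' is an assumed field name, not documented by the page.
        if not creds.get("session_token"):
            problems.append("temporary key without session_token")
    else:
        problems.append("unrecognised access_key_id prefix")
    if not creds.get("secret_access_key"):
        problems.append("secret_access_key missing")
    return problems

def redact(body):
    """Copy of the request that is safe to write to an audit log."""
    safe = copy.deepcopy(body)
    for field in SECRET_FIELDS & set(safe.get("credentials") or {}):
        safe["credentials"][field] = "<redacted>"
    return safe

# Constructed inputs: the page's sample request and a temporary-credential variant.
PAGE_SAMPLE = {"provider": "aws", "credentials": {
    "access_key_id": "AKIAIOSFODNN7EXAMPLE",
    "secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    "region": "us-east-1"}}
TEMPORARY = {"provider": "aws", "credentials": {
    "access_key_id": "ASIAEXAMPLEEXAMPLE00",
    "secret_access_key": "constructed-secret",
    "session_token": "constructed-token", "region": "us-east-1"}}

if __name__ == "__main__":
    for name, req in (("page sample", PAGE_SAMPLE), ("temporary", TEMPORARY)):
        print(name, check_scan_request(req), redact(req)["credentials"])
```

The prefix check only distinguishes long-term from temporary keys; it says nothing about how broadly the underlying role or user is permitted.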

Sample Response:

{
  "scan_id": "scan_1234567890",
  "provider": "aws",
  "status": "completed",
  "timestamp": "2024-01-15T10:30:45Z",
  "findings": [
    {
      "id": "MISCFG-001",
      "severity": "high",
      "category": "access_control",
      "resource": "s3://my-bucket-prod",
      "issue": "S3 bucket has public read access enabled",
      "recommendation": "Update bucket policy to restrict public access",
      "compliance_impact": ["PCI-DSS", "HIPAA"]
    },
    {
      "id": "MISCFG-002",
      "severity": "medium",
      "category": "encryption",
      "resource": "rds-instance-main",
      "issue": "Database encryption at rest is disabled",
      "recommendation": "Enable RDS encryption and rotate master key",
      "compliance_impact": ["SOC2"]
    }
  ],
  "summary": {
    "total_resources_scanned": 247,
    "misconfiguration_count": 12,
    "high_severity": 2,
    "medium_severity": 5,
    "low_severity": 5
  }
}

Endpoints

POST /scan-cloud-config

Initiates a comprehensive security scan of cloud infrastructure configurations for the specified provider.

Method: POST

Path: /scan-cloud-config

Description: Scans cloud configurations and identifies security misconfigurations, compliance violations, and operational risks across the target environment.

Request Parameters:

| Parameter | Type | Required | Description |
|---|---|---|---|
| provider | string | Yes | Cloud provider identifier (e.g., aws, azure, gcp, alibaba) |
| credentials | object | Yes | Provider-specific authentication credentials including access keys, secret keys, tokens, or service account data required to authenticate and access cloud resources |

Response Shape (HTTP 200):

{
  "scan_id": "string",
  "provider": "string",
  "status": "string",
  "timestamp": "string",
  "findings": [
    {
      "id": "string",
      "severity": "string",
      "category": "string",
      "resource": "string",
      "issue": "string",
      "recommendation": "string",
      "compliance_impact": ["string"]
    }
  ],
  "summary": {
    "total_resources_scanned": "integer",
    "misconfiguration_count": "integer",
    "high_severity": "integer",
    "medium_severity": "integer",
    "low_severity": "integer"
  }
}

Error Response (HTTP 422 - Validation Error):

{
  "detail": [
    {
      "loc": ["body", "provider"],
      "msg": "field required",
      "type": "value_error.missing"
    }
  ]
}

Pricing

| Plan | Calls/Day | Calls/Month | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
