ClawHub

AWS S3 Bucket Audit

Security checks across malware telemetry and agentic risk

Overview

This is a coherent AWS S3 security-audit skill, but users should treat its remediation snippets as live cloud-configuration changes.

Install only if you intend to audit AWS S3 security posture with authorized AWS credentials. Run the read-only checks first, verify each target bucket's intended public access model, and treat any put-* AWS CLI or boto3 examples as live changes that should go through normal change control, especially for static websites, CloudFront origins, partner integrations, encryption/KMS settings, and production buckets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is presented as an auditing guide but includes ready-to-run remediation commands that change bucket security posture. This is dangerous because an operator or autonomous agent expecting read-only assessment may execute write operations that alter production access, encryption, or versioning, potentially causing outages or unreviewed configuration drift.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is described as an auditing reference, but the included example performs a state-changing operation by calling put_public_access_block(). In an audit context, readers may expect examples to be read-only; including a mutating command without strong labeling can cause unintended configuration changes in production buckets and blurs the boundary between assessment and remediation.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The remediation commands perform direct changes to S3 bucket public access, encryption, and versioning without any confirmation, dry-run equivalent, or precondition checks. In a cloud-production context this can cause service disruption, break intended public websites or partner integrations, and apply incorrect KMS settings if executed mechanically by users or agents.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The example changes S3 Public Access Block settings without an explicit warning that it modifies bucket security configuration. Even though the specific change is security-hardening, undocumented write operations in reference material can mislead users into running commands they believe are informational, creating operational risk and unexpected side effects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal