AuditClaw Aws

The skill's requirements, instructions, and code are consistent with an AWS read-only compliance evidence collector; nothing obvious is requesting unrelated credentials or external exfiltration.

This skill appears to do exactly what it says: run read-only AWS checks and store evidence in your local AuditClaw GRC DB. Before installing or running it: (1) review scripts/iam-policy.json and attach only the minimal read-only policy to an audit account (or prefer an IAM role). (2) Use short-lived credentials or an instance role rather than long-lived root/account keys. (3) Confirm you intend to allow the skill to write into the specified sqlite DB path (default ~/.openclaw/grc/compliance.sqlite) and back up that DB first if needed. (4) Note that the README/SKILL.md instruct pip installing boto3 from PyPI — ensure your environment's pip will install from the expected source. (5) If you use autonomous agent invocation, be aware the agent could run the checks whenever it chooses; keep credentials scoped and rotate them regularly.