AuditClaw Aws

Type: OpenClaw Skill Name: auditclaw-aws Version: 1.0.2 The OpenClaw skill 'auditclaw-aws' is designed for AWS compliance evidence collection using read-only API calls. All analyzed files, including `SKILL.md`, `aws_evidence.py`, and `iam-policy.json`, consistently support this benign purpose. The `iam-policy.json` explicitly grants only read-only permissions across various AWS services. The Python scripts use secure practices for `subprocess.run` (list arguments to prevent shell injection) and `sqlite3` (parameterized queries to prevent SQL injection). Data is stored locally in `~/.openclaw/grc/compliance.sqlite`, and AWS credentials are handled via standard `boto3` mechanisms without local storage. There is no evidence of data exfiltration, persistence mechanisms, or malicious prompt injection attempts against the agent.