Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Aws Cloud Toolkit
v1.0.0Manage AWS EC2, S3, Lambda, and CloudWatch resources with automated deployment, operations, and monitoring across multiple regions.
⭐ 0· 0·0 current·0 all-time
byLv Lancer@kaiyuelv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The declared purpose (EC2, S3, Lambda, CloudWatch management) is coherent with the actions described in SKILL.md and the README (which even lists broad IAM permissions). However the registry metadata lists no required environment variables or primary credential even though the SKILL.md explicitly expects AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_DEFAULT_REGION. The source/homepage is unknown/missing, which reduces trust.
Instruction Scope
The SKILL.md defines tools (ec2_manager, s3_manager, lambda_manager, cloudwatch_monitor) and gives Python usage examples importing from an aws_cloud_toolkit package, but no library code is included in the bundle. The README suggests installing from a GitHub repo or pip, but the repository and package are not present here. The instructions do require AWS credentials and broad permissions (ec2:*, s3:*, lambda:*, cloudwatch:*, logs:*), which are consistent with the stated functionality but grant wide destructive ability if misused.
Install Mechanism
There is no install spec in the skill bundle (instruction-only). SKILL.md suggests pip installing boto3 and python-dotenv (low-risk). README suggests cloning a GitHub repo or pip installing aws-cloud-toolkit, but no package files/source code are actually included and no verified upstream URL or homepage is provided — this mismatch is concerning because you can't validate what would be installed.
Credentials
The runtime instructions expect AWS credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_DEFAULT_REGION), which are appropriate for AWS management. However the registry metadata declares no required env vars or primary credential — this discrepancy reduces transparency. The recommended IAM policy in the README is very broad (wildcard resources and actions), increasing risk if long-lived credentials are supplied without least-privilege scoping.
Persistence & Privilege
The skill does not request always: true and does not declare config path or persistent system modifications. It is user-invocable and allows autonomous invocation (platform default), which is expected for a skill that can perform operations, but autonomous invocation combined with broad AWS creds would increase blast radius — note this when deciding whether an agent should run it autonomously.
Scan Findings in Context
[no_regex_findings] expected: The regex-based scanner produced no findings because this is an instruction-only bundle with no executable code files to analyze.
What to consider before installing
Do not install or provide AWS credentials to this skill until you verify the package source and contents. Specifically: 1) Ask the publisher for a canonical repository or PyPI package and review the code before installing. 2) Require least-privilege IAM credentials scoped only to the actions/resources you need (avoid ec2:*, s3:*, lambda:* on Resource="*"), prefer temporary credentials or an IAM role. 3) Because no code is bundled, confirm that the named package (aws-cloud-toolkit/aws_cloud_toolkit) actually exists and is trustworthy. 4) Test in a sandbox AWS account with limited access first. 5) Be cautious about enabling autonomous agent invocation with broad AWS permissions — revoke or rotate keys if you later disable the skill.Like a lobster shell, security has layers — review code before you run it.
latestvk9720hne8wndaseb7ca2wjzx9584m6gq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.