ClawHub

AWS Infra

v1.0.0

Chat-based AWS infrastructure assistance using AWS CLI and console context. Use for querying, auditing, and monitoring AWS resources (EC2, S3, IAM, Lambda, ECS/EKS, RDS, CloudWatch, billing, etc.), and for proposing safe changes with explicit confirmation before any write/destructive action.

3· 5.1k·30 current·31 all-time
by@bmdhodl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description describe an AWS CLI-based infra helper and the SKILL.md contains appropriate AWS CLI commands and workflows. However, the skill does not declare the 'aws' CLI as a required binary or a primary credential, which is inconsistent with its explicit runtime dependency on the local AWS CLI and the user's AWS credentials/config.
Instruction Scope
Instructions stay within the stated purpose: they instruct the agent to use read-only AWS CLI queries, check identity, consult ~/.aws/config and AWS_PROFILE/AWS_REGION, and require confirmation before destructive actions. There are no instructions to collect or transmit data outside the user's environment or to read unrelated system files.
Install Mechanism
No install spec (instruction-only) — low install risk. There are no downloads or scripts that would write or execute remote code on the host.
Credentials
The skill requests no environment variables or credentials in metadata, but the runtime instructions explicitly rely on AWS credentials (via AWS CLI, AWS_PROFILE, ~/.aws/config). This mismatch is notable: the skill will need access to AWS credentials at runtime, yet none are declared. That creates ambiguity about expected privilege model.
Persistence & Privilege
always:false and no install actions. The skill does not request permanent presence or attempt to modify other skills or system-wide configuration. Autonomous invocation is allowed (platform default) but is not combined here with other red flags.
What to consider before installing
This skill appears to be a normal AWS-CLI helper, but it omits declaring that the 'aws' CLI and access to local AWS credentials are required. Before installing or invoking it: ensure the host has the AWS CLI you expect; be aware the skill will read ~/.aws/config and will run aws commands that use whatever credentials are available (including environment variables or credential files). Only run it in environments where those credentials are safe to use, require explicit confirmation for any write actions, and consider using a least-privilege/profile with read-only permissions for testing. If you need stronger guarantees, ask the publisher to declare 'aws' as a required binary and to document whether the skill needs any specific AWS permissions.

Like a lobster shell, security has layers — review code before you run it.

awsvk97apxxy4mtmp6bpt47yqqzexh801m5finfravk97apxxy4mtmp6bpt47yqqzexh801m5flatestvk97apxxy4mtmp6bpt47yqqzexh801m5f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments