Aws Emr Skill
ReviewAudited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate AWS EMR management skill, but it can use your active AWS credentials to perform real EMR actions and read job logs/results.
Before installing, make sure you are comfortable giving the agent access to your AWS EMR environment. Use a dedicated least-privilege AWS profile or role, double-check region and resource IDs, and explicitly approve actions that submit jobs, cancel work, terminate clusters, or delete virtual clusters.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked on the wrong resource or account, it could cancel jobs, terminate clusters, delete virtual clusters, or create costly work.
The skill exposes real AWS EMR mutation operations. These are aligned with the stated purpose, but they can affect running workloads and cloud resources.
Clusters: List, describe, terminate EMR clusters ... Job Lifecycle: Get status, cancel, list job runs ... Virtual Clusters: List, describe, create, delete virtual clusters
Use least-privilege IAM permissions, verify the AWS region/account and resource IDs, and require explicit confirmation before destructive or costly operations.
The skill can act with whatever AWS permissions are available to the current environment, profile, or IAM role.
The code uses boto3 clients without explicit credentials, meaning AWS access is resolved through the default credential chain disclosed by the skill.
return boto3.client("emr-serverless", region_name=_resolve_region(region))Run it under a dedicated AWS profile or IAM role scoped only to the EMR resources and S3 log locations you intend it to manage.
Sensitive job output, logs, or database query results may appear in the chat/session and could influence subsequent agent behavior.
The skill can bring EMR query results and logs from S3 into the agent context. This is purpose-aligned, but logs/results may contain sensitive data or untrusted text.
Results: Retrieve SQL query results from S3 ... Logs: Get driver stdout/stderr logs with secret masking
Retrieve only necessary logs/results, limit line counts where possible, and avoid exposing sensitive production data unless the session is trusted.