Do I need to provide my own security benchmarks?

While you can provide specific contextual policies, the skill can also evaluate your configurations against standard industry security best practices by default.

Can it detect privilege escalation risks?

Yes, the skill is specifically designed to analyze complex permission chains and identify paths that could allow a user to gain unauthorized administrative access.

Does this skill automatically change my cloud permissions?

No, the skill focuses on auditing and reporting risks. It provides the findings and remediation guidance, but actual changes to infrastructure must be executed by the user.

What cloud providers does this skill support?

The Access Control Auditor can analyze IAM policies and network configurations across major providers including AWS, Google Cloud Platform (GCP), and Microsoft Azure.

Access Control Auditor

Name: Access Control Auditor
Author: intent-solutions-io

byintent-solutions-io

0•

Security & Testing

Audits and identifies vulnerabilities in access control configurations, IAM policies, and network permissions to ensure security compliance.

The Access Control Auditor skill empowers Claude to perform deep security reviews of identity and access management (IAM) frameworks, network access control lists (ACLs), and application-level permission sets. By analyzing configurations against industry best practices, it helps developers and DevOps engineers detect overly permissive roles, identify potential privilege escalation paths, and resolve security misconfigurations before they can be exploited. This skill is essential for maintaining a least-privilege environment in cloud infrastructure and complex application architectures.

Key Features

010 GitHub stars

02Automated IAM policy analysis for AWS, GCP, and Azure

03Network ACL vulnerability and risk detection

04Identification of potential privilege escalation paths

05Compliance verification against security best practices

06Detailed security reporting and remediation guidance

Use Cases

01Reviewing VPC network ACLs to identify unauthorized external access points

02Auditing AWS IAM policies to find and restrict overly broad permissions

03Assessing application user rights to ensure adherence to the principle of least privilege

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add intent-solutions-io/plugins-nixtla access-control-auditor

For use in Claude.ai and ChatGPT

Download Skill