CtrlK
BlogDocsLog inGet started
Tessl Logo

aws-penetration-testing

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

69

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Critical

Do not install without reviewing

SKILL.md
Quality
Evals
Security

Quality

Content

87%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The content is highly actionable and token-efficient with good progressive disclosure, but its multi-step workflow lacks validation checkpoints around destructive privilege-escalation and detection-evasion steps. Adding verify-before-proceed gates would lift workflow clarity.

Suggestions

Insert explicit validation checkpoints between destructive steps (e.g., 'Verify the new access key works with aws sts get-caller-identity before proceeding', 'Confirm current permissions with enumerate-iam before attempting escalation').

Add a brief feedback loop for CloudTrail/GuardDuty evasion steps (check detection status before and after disabling controls) so the workflow has an error-recovery path rather than only commands.

Trim the Quick Reference table or the Essential Tools table where they duplicate commands already shown inline, to tighten conciseness further.

DimensionReasoningScore

Conciseness

The body is command- and table-dense with almost no explanation of concepts Claude already knows; each section contributes executable material rather than padding. Minor redundancy in the Quick Reference table does not rise to verbose concept lecturing.

3 / 3

Actionability

It provides fully executable aws CLI commands, Python injection code, and concrete command sequences that are copy-paste ready with specific flags and ARNs. Placeholders like TARGET_USER and POLICY_ARN are standard, clearly templated values rather than pseudocode.

3 / 3

Workflow Clarity

Core Workflow is sequenced (Step 1 → 2 → 3), but destructive operations (create-access-key, attach AdministratorAccess, delete-trail, EBS snapshot theft) lack explicit validation/verification checkpoints, capping the score at 2 per the destructive-operations guideline.

2 / 3

Progressive Disclosure

SKILL.md is an organized overview that offloads advanced material to a single, real, one-level-deep reference (references/advanced-aws-pentesting.md) that is clearly signaled and well-structured (TOC, 38 headings).

3 / 3

Total

11

/

12

Passed

Description

82%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is specific and distinctive with strong natural trigger terms, but it omits an explicit 'when to use' trigger clause, which caps completeness at 2. Adding a 'Use when ...' sentence would raise it.

Suggestions

Append an explicit 'Use when ...' clause (e.g., 'Use when the user requests AWS penetration testing, cloud red team operations, or AWS privilege-escalation assessment in an authorized engagement.') to satisfy the 'when' half of completeness.

Consider adding natural variations users might say ('pentest AWS', 'audit my AWS account security', 'AWS privilege escalation') to broaden trigger coverage marginally.

DimensionReasoningScore

Specificity

The description enumerates multiple concrete actions — 'IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques' — matching the anchor for listing several specific concrete actions.

3 / 3

Completeness

It clearly answers 'what does this do' but lacks any 'Use when...' clause or equivalent explicit trigger guidance, so per the judging guideline completeness is capped at 2.

2 / 3

Trigger Term Quality

It uses natural terms a security practitioner would actually say ('penetration testing AWS', 'red team operations', 'IAM', 'SSRF', 'S3 bucket', 'Lambda'), giving good coverage of likely trigger phrasing.

3 / 3

Distinctiveness Conflict Risk

AWS cloud penetration testing is a well-defined niche with distinct triggers and would not plausibly fire for unrelated skills, matching the clear-niche anchor.

3 / 3

Total

11

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
boisenoise/skills-collections
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.