CtrlK
BlogDocsLog inGet started
Tessl Logo

auditing-aws-s3-bucket-permissions

Systematically audit AWS S3 bucket permissions to identify publicly accessible buckets, overly permissive ACLs, misconfigured bucket policies, and missing encryption settings using AWS CLI, S3audit, and Prowler to enforce least-privilege data access controls.

62

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A highly actionable, well-structured audit workflow with executable commands throughout. It loses points for re-explaining known concepts, lacking post-remediation verification, and failing to link its existing bundle reference files.

Suggestions

Trim or remove the 'Key Concepts' table entries that restate well-known AWS concepts (bucket policy, ACL, server-side encryption) to reduce token cost.

Add a verification/feedback loop after Step 7 remediation, e.g. re-run get-public-access-block to confirm the block took effect before reporting the issue closed.

Link the existing bundle files from the body — e.g. 'See references/api-reference.md for boto3 equivalents' and reference scripts/agent.py — so the provided references are signaled rather than orphaned.

DimensionReasoningScore

Conciseness

The workflow code is efficient, but the 'Key Concepts' table re-explains well-known AWS concepts (bucket policy, ACL, server-side encryption, CIS benchmark) that Claude already knows, fitting the score-2 anchor of mostly efficient with some unnecessary explanation. It is not a 3 because not every token earns its place, and not a 1 because the bulk is concrete commands rather than padded prose.

2 / 3

Actionability

Each step provides fully executable `aws s3api`/`prowler` commands and an inline Python policy parser, plus copy-paste remediation commands in Step 7, matching the score-3 anchor. It is not a 2 because the code is complete and runnable rather than pseudocode or partial.

3 / 3

Workflow Clarity

Seven steps are clearly sequenced, but Step 7 remediation applies destructive/batch bucket-config changes (put-public-access-block, put-bucket-encryption) with no verification or feedback loop, so per the guideline workflow clarity is capped at 2. It is not a 1 because the sequence is explicit, and not a 3 because validation checkpoints are missing.

2 / 3

Progressive Disclosure

The body is well-sectioned, but the provided bundle files references/api-reference.md and scripts/agent.py are never signaled or linked from the body, fitting the score-2 anchor of structure with references not clearly signaled. It is not a 3 because there are no well-signaled one-level-deep references, and not a 1 because the body is organized into clear sections with no deep nesting.

2 / 3

Total

9

/

12

Passed

Description

82%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A specific, well-scoped description that names concrete audit actions and natural trigger terms in third person. Its main gap is the absence of an explicit 'Use when...' clause, which caps completeness.

Suggestions

Add an explicit 'Use when...' clause naming trigger situations, e.g. 'Use when auditing S3 bucket exposure, responding to public-access alerts, or satisfying SOC 2/PCI DSS access-control reviews'.

Include casual user-facing phrasing such as 'open S3 buckets' or 'public S3 buckets' alongside the formal terms to improve discoverability.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — 'identify publicly accessible buckets, overly permissive ACLs, misconfigured bucket policies, and missing encryption settings' — matching the score-3 anchor of several specific concrete actions. It is not a 2 because the actions are comprehensive and specific rather than partial.

3 / 3

Completeness

Clearly answers 'what' but contains no 'Use when...' clause or equivalent explicit trigger guidance, so per the judging guideline completeness is capped at 2. It is not a 1 because the 'what' is strong and specific, and not a 3 because 'when' is entirely absent rather than explicit.

2 / 3

Trigger Term Quality

Covers natural terms a user would say — 'AWS S3 bucket permissions', 'publicly accessible buckets', 'ACLs', 'bucket policies', 'encryption', 'Prowler' — giving good coverage of common phrasings. It is not a 2 because relevant variations are present rather than missing.

3 / 3

Distinctiveness Conflict Risk

The scope is a clear niche — auditing AWS S3 bucket permissions specifically — with distinct triggers unlikely to conflict with other skills. It is not a 2 because it is tightly scoped to S3 rather than broadly overlapping.

3 / 3

Total

11

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
mukul975/Anthropic-Cybersecurity-Skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.