CtrlK
BlogDocsLog inGet started
Tessl Logo

auditing-cloud-with-cis-benchmarks

This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.

62

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

Highly actionable content with concrete executable commands and a clear five-step workflow, but it is weakened by orphaned bundle files that are never linked, missing remediation-verification checkpoints, and some explanatory padding.

Suggestions

Reference the existing bundle files from the body — e.g. add 'For per-control boto3 checks, see [references/api-reference.md](references/api-reference.md)' and 'For a runnable audit agent, see [scripts/agent.py](scripts/agent.py)' — so progressive disclosure is well-signaled and one level deep.

Add an explicit verification checkpoint after Step 4 remediation, such as 'Re-run the Prowler assessment to confirm previously failing controls now PASS before moving to Step 5.'

Trim the Key Concepts table to only terms Claude would not already know (e.g. the Level 1/Level 2 profile distinction) and shorten the full Output Format mockup to a compact template.

DimensionReasoningScore

Conciseness

Mostly efficient with concrete code, but the Key Concepts table defines concepts Claude already knows (e.g. 'CIS Benchmark | Prescriptive security configuration guidelines developed by the Center for Internet Security') and the full Output Format report mockup adds padding that could be tightened.

2 / 3

Actionability

Provides fully executable, copy-paste-ready commands — prowler/aws/az CLI invocations, jq result parsers, and concrete remediation steps (delete root access keys, enable S3 encryption, create multi-region CloudTrail) — matching the rubric's executable anchor.

3 / 3

Workflow Clarity

Five steps are clearly sequenced, but Step 4 performs batch/destructive remediation (looping all buckets, deleting keys, creating trails) with no re-scan verification checkpoint, so per the feedback-loop guideline workflow clarity is capped at 2.

2 / 3

Progressive Disclosure

The body is well sectioned, but bundle files references/api-reference.md and scripts/agent.py exist yet are never referenced or signaled from the body, leaving them orphaned and the inline content heavier than necessary.

2 / 3

Total

9

/

12

Passed

Description

82%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A specific, third-person description with strong trigger terms and a clear niche, but it omits an explicit 'Use when...' clause so the 'when to use' guidance is only implied.

Suggestions

Append an explicit 'Use when...' clause naming natural triggers, e.g. 'Use when auditing AWS, Azure, or GCP environments against CIS benchmarks, preparing for SOC 2 / ISO 27001 audits, or establishing a cloud security baseline.'

Tighten the trailing version list ('CIS v5 for AWS, v4 for Azure, and v4 for GCP') since time-sensitive version numbers will date the description and add tokens without aiding trigger matching.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — 'interpreting CIS Foundations Benchmark controls', 'running automated assessments with tools like Prowler and ScoutSuite', 'remediating failed controls', 'maintaining continuous compliance monitoring' — rather than vague language.

3 / 3

Completeness

Clearly answers 'what' the skill does, but lacks an explicit 'Use when...' trigger clause, so per the judging guidelines completeness is capped at 2 rather than reaching the explicit-trigger anchor of 3.

2 / 3

Trigger Term Quality

Covers natural terms a user would say — 'cloud security audits', 'CIS benchmarks', 'AWS, Azure, and GCP', 'Prowler', 'ScoutSuite', 'compliance monitoring' — matching the rubric's good-coverage anchor.

3 / 3

Distinctiveness Conflict Risk

Occupies a clear niche (cloud security auditing against CIS benchmarks) with distinct provider/tool triggers and third-person voice, making conflict with other skills unlikely.

3 / 3

Total

11

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
mukul975/Anthropic-Cybersecurity-Skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.