aws-penetration-testing

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

Quality

73%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Critical

Do not install without reviewing

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/aws-penetration-testing/SKILL.md

Quality

Content

64%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a highly actionable AWS penetration testing skill with concrete, executable commands covering a broad range of attack techniques. Its main weaknesses are the lack of validation checkpoints in multi-step destructive workflows (e.g., no verification after privilege escalation, no rollback guidance), and the monolithic structure that could benefit from splitting advanced topics into referenced files. The content is mostly efficient but has some redundancy and filler sections.

Suggestions

Add explicit validation/verification steps after destructive operations (e.g., 'Verify escalation: aws sts get-caller-identity' after each privilege escalation technique, rollback commands for cleanup)

Split the lengthy content into referenced sub-files (e.g., s3-exploitation.md, privilege-escalation.md, ec2-exploitation.md) and keep SKILL.md as a concise overview with navigation links

Remove the redundant 'When to Use' section and trim the Purpose section since it duplicates the description

Dimension	Reasoning	Score
Conciseness	The skill is fairly comprehensive but includes some unnecessary verbosity—the Purpose section repeats the description, the 'When to Use' section is a meaningless tautology, and some sections like the tool table include installation commands Claude could infer. However, most content is command-focused and reasonably efficient.	2 / 3
Actionability	The skill provides fully executable bash commands and Python code throughout, with specific AWS CLI commands, concrete examples of SSRF exploitation, privilege escalation techniques with copy-paste ready code, and clear command-output expectations. Nearly every technique has a concrete, runnable example.	3 / 3
Workflow Clarity	The core workflow has numbered steps (1-3) for initial enumeration, but the overall engagement flow lacks explicit validation checkpoints and feedback loops. For destructive operations like disabling CloudTrail or modifying Lambda code, there are no verification steps or rollback procedures. The Constraints section mentions documentation but doesn't integrate it into the workflow.	2 / 3
Progressive Disclosure	The skill references an advanced file (references/advanced-aws-pentesting.md) for deeper topics, which is good one-level-deep disclosure. However, no bundle files are provided to support this reference, and the main file itself is quite long (~300+ lines) with sections like EC2 exploitation and SSM that could be split into separate reference files for better organization.	2 / 3
	Total	9 / 12 Passed

Description

82%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong description with excellent specificity and domain-relevant trigger terms that security professionals would naturally use. Its main weakness is the absence of an explicit 'Use when...' clause, which would help Claude know precisely when to select this skill. The description is well-scoped to AWS cloud penetration testing, making it highly distinctive.

Suggestions

Add an explicit 'Use when...' clause, e.g., 'Use when the user asks about AWS penetration testing, cloud security assessments, red teaming AWS infrastructure, or exploiting AWS services like IAM, S3, or Lambda.'

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques. These are well-defined, actionable capabilities.	3 / 3
Completeness	The 'what' is clearly answered with specific techniques and capabilities. However, there is no explicit 'Use when...' clause or equivalent trigger guidance, which caps this at 2 per the rubric guidelines.	2 / 3
Trigger Term Quality	Includes strong natural keywords users would say: 'penetration testing', 'AWS', 'IAM', 'privilege escalation', 'SSRF', 'S3 bucket', 'Lambda', 'red team'. These cover the domain well and match how security professionals would phrase requests.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive with a clear niche: AWS-specific penetration testing and red team operations. The combination of AWS cloud security, specific attack techniques (SSRF to metadata, Lambda extraction), and red team framing makes it unlikely to conflict with other skills.	3 / 3
	Total	11 / 12 Passed

Validation

90%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 10 / 11 Passed

Validation for skill structure

Criteria	Description	Result
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	10 / 11 Passed

Repository: sickn33/antigravity-awesome-skills
Commit: d89c349

Reviewed: 5 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.