Audit AWS IAM policies for risky permissions with Cloudsplaining
Use Cloudsplaining when an agent needs to flag privilege-escalation paths and overbroad IAM permissions before an AWS policy change reaches production.
Security & Verification
Multi-Framework
Security Reviewed
2.2k GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill audit-aws-iam-policies-for-risky-permissions-with-cloudsplaining
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
Python 3, AWS IAM policy JSON or account data, and Cloudsplaining.
Install & setup
Install with `pip install cloudsplaining`, export or collect the IAM policies you want to review, then run Cloudsplaining reports as part of access review or deployment checks.
Author
Salesforce
Publisher
Organization
Last updated
Apr 15, 2026
Quick brief
Cloudsplaining gives agents a clean security workflow: inspect AWS IAM policies, identify risky actions and escalation paths, and produce findings before deployment or during access review. Invoke it when the operator's job is IAM risk review, not when you simply need AWS to accept a policy document. The boundary is firm: this is preflight IAM analysis and remediation guidance, not a generic AWS SDK, cloud platform, or IAM product listing.