AWS security configuration scanning and hardening using Prowler, Security Hub, and AWS Config
Scans AWS configurations for security vulnerabilities and compliance violations using Prowler and Security Hub.
npx claudepluginhub a5c-ai/babysitterThis skill is limited to using the following tools:
README.mdAutomated AWS security configuration scanning and hardening to identify misconfigurations, compliance violations, and security risks across AWS accounts and organizations.
| Category | Services |
|---|---|
| Identity | IAM, SSO, Organizations |
| Compute | EC2, Lambda, ECS, EKS |
| Storage | S3, EBS, EFS, Glacier |
| Database | RDS, DynamoDB, Redshift |
| Network | VPC, CloudFront, Route53 |
| Security | Security Hub, GuardDuty, KMS |
| Monitoring | CloudTrail, CloudWatch, Config |
{
"type": "object",
"properties": {
"scanType": {
"type": "string",
"enum": ["full", "cis", "pci", "hipaa", "gdpr", "custom"],
"description": "Type of security scan"
},
"awsAccounts": {
"type": "array",
"items": { "type": "string" },
"description": "AWS account IDs to scan"
},
"regions": {
"type": "array",
"items": { "type": "string" },
"description": "AWS regions to scan"
},
"services": {
"type": "array",
"items": { "type": "string" },
"description": "Specific services to scan"
},
"severityThreshold": {
"type": "string",
"enum": ["critical", "high", "medium", "low", "informational"]
},
"complianceFrameworks": {
"type": "array",
"items": {
"type": "string",
"enum": ["CIS", "PCI-DSS", "HIPAA", "GDPR", "SOC2", "NIST"]
}
},
"excludeChecks": {
"type": "array",
"items": { "type": "string" },
"description": "Check IDs to exclude"
}
},
"required": ["scanType"]
}
{
"type": "object",
"properties": {
"scanId": {
"type": "string"
},
"scanTimestamp": {
"type": "string",
"format": "date-time"
},
"accountsScanned": {
"type": "array"
},
"regionsScanned": {
"type": "array"
},
"summary": {
"type": "object",
"properties": {
"totalChecks": { "type": "integer" },
"passed": { "type": "integer" },
"failed": { "type": "integer" },
"warnings": { "type": "integer" }
}
},
"findingsBySeverity": {
"type": "object",
"properties": {
"critical": { "type": "integer" },
"high": { "type": "integer" },
"medium": { "type": "integer" },
"low": { "type": "integer" }
}
},
"findings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"checkId": { "type": "string" },
"severity": { "type": "string" },
"service": { "type": "string" },
"region": { "type": "string" },
"resourceId": { "type": "string" },
"description": { "type": "string" },
"remediation": { "type": "string" },
"complianceMapping": { "type": "array" }
}
}
},
"complianceStatus": {
"type": "object"
},
"recommendations": {
"type": "array",
"items": { "type": "string" }
},
"reportPaths": {
"type": "object",
"properties": {
"html": { "type": "string" },
"csv": { "type": "string" },
"json": { "type": "string" }
}
}
}
}
skill: {
name: 'aws-security-scanner',
context: {
scanType: 'cis',
awsAccounts: ['123456789012'],
regions: ['us-east-1', 'us-west-2'],
complianceFrameworks: ['CIS', 'SOC2'],
severityThreshold: 'medium'
}
}
Activates when the user asks about AI prompts, needs prompt templates, wants to search for prompts, or mentions prompts.chat. Use for discovering, retrieving, and improving prompts.
Search, retrieve, and install Agent Skills from the prompts.chat registry using MCP tools. Use when the user asks to find skills, browse skill catalogs, install a skill for Claude, or extend Claude's capabilities with reusable AI agent components.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.