detecting-compromised-cloud-credentials

Detects compromised cloud credentials across AWS, Azure, and GCP by analyzing anomalous API activity and credential abuse indicators.

Install this skill

95/100

Security score

The detecting-compromised-cloud-credentials skill was audited on Jun 5, 2026 and we found 5 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

low line 119

External URL reference

SourceSKILL.md

119	--url "https://graph.microsoft.com/v1.0/auditLogs/signIns?\$filter=riskLevelDuringSignIn ne 'none' and createdDateTime ge 2026-02-16T00:00:00Z&\$top=50" \

low line 125

External URL reference

SourceSKILL.md

125	--url "https://graph.microsoft.com/v1.0/auditLogs/signIns?\$filter=riskEventTypes_v2/any(r:r eq 'anonymizedIPAddress') and createdDateTime ge 2026-02-22T00:00:00Z" \

low line 131

External URL reference

SourceSKILL.md

131	--url "https://graph.microsoft.com/v1.0/identityProtection/riskyUsers?\$filter=riskLevel eq 'high'" \

low line 137

External URL reference

SourceSKILL.md

137	--url "https://graph.microsoft.com/v1.0/auditLogs/directoryAudits?\$filter=activityDisplayName eq 'Consent to application' and activityDateTime ge 2026-02-16T00:00:00Z" \

low line 259

External URL reference

SourceSKILL.md

259	--url "https://graph.microsoft.com/v1.0/users/COMPROMISED_USER_ID/revokeSignInSessions"

Scanned on Jun 5, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

openclaw api security-engineer devops-sre aws azure gcp development

hironow/cyber