Access Control Auditing

Overview

Audit access control implementations across codebases, cloud configurations, and application layers for security vulnerabilities and policy violations. This skill targets IAM policies, ACLs, RBAC configurations, file permissions, and API authorization logic to identify privilege escalation paths, overly permissive grants, and violations of the principle of least privilege.

Prerequisites

• Access to the target codebase and configuration files in ${CLAUDE_SKILL_DIR}/
• Familiarity with the authorization model in use (RBAC, ABAC, ACL, or IAM)
• grep, find, and standard shell utilities available via Bash
• For cloud audits: CLI tools such as aws iam, gcloud, or az role installed and authenticated
• Reference: ${CLAUDE_SKILL_DIR}/references/README.md for IAM best practices, ACL vulnerability patterns, and NIST/GDPR access control standards

Instructions