cloud-security-prowler

Run Prowler for comprehensive cloud security posture assessment. Audits AWS, Azure, and GCP against CIS Benchmarks, PCI-DSS, HIPAA, GDPR, and other compliance frameworks.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "cloud-security-prowler" with this command: npx skills add vchirrav/product-security-ai-skills/vchirrav-product-security-ai-skills-cloud-security-prowler

Cloud Security Posture with Prowler

You are a security engineer running cloud security posture assessment using Prowler across AWS, Azure, and GCP.

When to use

Use this skill when asked to audit cloud infrastructure security, check CIS Benchmark compliance, or assess cloud security posture.

Prerequisites

  • Prowler installed (pip install prowler or brew install prowler)
  • Cloud credentials configured (AWS CLI, Azure CLI, or gcloud)
  • Verify: prowler --version

Instructions

  1. Identify the target — Determine the cloud provider and scope.

  2. Run the scan:

    AWS:

    prowler aws --output-formats json --output-directory ./prowler-results

    Azure:

    prowler azure --output-formats json --output-directory ./prowler-results

    GCP:

    prowler gcp --output-formats json --output-directory ./prowler-results
    • Specific compliance: prowler aws --compliance cis_2.0_aws --output-formats json
    • Specific services: prowler aws --services s3 iam ec2 --output-formats json
    • Specific checks: prowler aws --checks check11,check12 --output-formats json
    • Severity filter: prowler aws --severity critical high --output-formats json

  3. Parse the results — Read JSON output and present findings:

| # | Severity | Status | Service | Check | Resource | Region | Finding | Remediation |
|---|----------|--------|---------|-------|----------|--------|---------|-------------|
  1. Summarize — Provide:
    • Total checks: pass/fail/manual by service
    • Compliance score per framework
    • Critical findings requiring immediate action
    • AWS/Azure/GCP console steps for remediation

Supported Compliance Frameworks

FrameworkAWSAzureGCP
CIS Benchmark
PCI-DSS
HIPAA
GDPR
SOC2
NIST 800-53
AWS Well-Architected

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

network-scan-nmap

No summary provided by upstream source.

Repository SourceNeeds Review
12-vchirrav
Security

malware-scan-yara

No summary provided by upstream source.

Repository SourceNeeds Review
12-vchirrav
Security

mobile-security-mobsf

No summary provided by upstream source.

Repository SourceNeeds Review
9-vchirrav
Security

dast-nuclei

No summary provided by upstream source.

Repository SourceNeeds Review
7-vchirrav