security-iam-reviewer_skill

This skill analyzes IAM controls against NIST SP 800-63B, enforcing MFA, least privilege, and robust account management for audits.
  • Python

5

GitHub Stars

2

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill williamzujkowski/cognitive-toolworks --skill security-iam-reviewer

  • CHANGELOG.md747 B
  • SKILL.md7.8 KB

Overview

This skill reviews identity and access management against NIST SP 800-63B guidance, focusing on MFA enforcement, password policy, and least-privilege validation. It produces a structured findings report, a NIST AAL compliance check (if requested), and prioritized remediation actions. The output is suitable for security audits, compliance reviews, and pre-production gating.

How this skill works

The skill inspects authentication, authorization, and account-management controls using a checklist derived from NIST SP 800-63B and relevant SP 800-53 controls. It validates input parameters, evaluates MFA and password policies, checks session and account lifecycle settings, and classifies risk by severity with CVSS-based guidance. If an authenticator level is specified, it maps current configurations to AAL1–AAL3 and enumerates gaps and remediation steps.

When to use it

  • Pre-production IAM security audit before deployment
  • NIST SP 800-63B compliance assessment or evidence generation
  • Post-incident identity and access review
  • Privileged access management (PAM) or third-party IAM questionnaire
  • When documenting gaps for remediation planning or risk scoring

Best practices

  • Provide a named identity_provider and select an explicit iam_scope to avoid incomplete reviews
  • Use AAL target only when you can supply authenticator configuration details
  • Supply policy documents or read-only admin access if configuration data is missing
  • Avoid sharing actual credentials; use sanitized examples for findings and remediation
  • Prioritize fixes for MFA on privileged accounts, password breach checking, and overpermissive roles

Example use cases

  • Run an authentication-focused review to confirm MFA enforcement for admin roles (AAL2 target)
  • Assess account-management controls to find stale or shared service accounts and propose rotation/deactivation windows
  • Validate authorization model for least privilege and separation-of-duties violations in RBAC/ABAC systems
  • Produce a compliance-ready JSON report to feed a governance or ticketing system
  • Perform a post-incident sweep to identify missing session timeouts and credential-exposure risks

FAQ

At minimum supply identity_provider and iam_scope. For AAL validation, also supply authenticator_level and authentication system documentation or access.

Can this skill modify IAM settings automatically?

No. This skill generates findings, remediation steps, and policy/config snippets but does not change configurations. Use it to guide changes or feed automation tools.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
security-iam-reviewer skill by williamzujkowski/cognitive-toolworks | VeilStrat