Stats
Actions
Tags
From cybersecurity-skills
Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing cloud audit logs. Identifies after-hours bulk downloads, new IPs, and potential data exfiltration.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills:analyzing-cloud-storage-access-patternsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- When investigating security incidents that require analyzing cloud storage access patterns
pip install boto3 requestspython scripts/agent.py --bucket my-sensitive-data --hours-back 24 --output s3_access_report.json
{"eventName": "GetObject", "requestParameters": {"bucketName": "sensitive-data", "key": "financials/q4.xlsx"},
"sourceIPAddress": "203.0.113.50", "userIdentity": {"arn": "arn:aws:iam::123456789012:user/analyst"}}
npx claudepluginhub costrict-plugins-repo/mukul975-anthropic-cybersecurity-skills-cybersecurity-skillsDetects anomalies in AWS S3, GCS, Azure Blob Storage access via CloudTrail, audit logs, Storage Analytics. Flags bulk downloads, new IPs, API spikes, exfiltration using stats and time-series detection.
Detects abnormal cloud storage access patterns (AWS S3, GCS, Azure Blob) via audit logs, identifying bulk downloads, new IPs, unusual API calls, and potential data exfiltration using statistical baselines.
Detects abnormal access patterns in AWS S3, GCS, Azure Blob Storage by analyzing CloudTrail Data Events, GCS audit logs, Azure Storage Analytics. Identifies bulk downloads, new IPs, API spikes, exfiltration via statistical baselines and anomaly detection.