Detecting AWS IAM Privilege Escalation

Overview

This skill uses boto3 and Cloudsplaining-style analysis to identify IAM privilege escalation paths in AWS accounts. It downloads the account authorization details, analyzes each policy for dangerous permission combinations (iam:PassRole + lambda:CreateFunction, iam:CreatePolicyVersion, sts:AssumeRole), and flags policies that violate least-privilege principles.

When to Use

- When investigating security incidents that require detecting AWS IAM privilege escalation
- When building detection rules or threat hunting queries for this domain
- When SO…
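
The policy analysis described in the Overview, as an added example that is not the skill's own code: it checks the default version of each managed policy for the three permission combinations the Overview names, with IAM wildcard matching. It assumes input in the shape of boto3's `get_account_authorization_details` response with policy documents already decoded to dicts; the rule names, function names and `SAMPLE` data are constructed for illustration.

```python
import fnmatch

# Combinations named in the Overview; every action in a set must be allowed.
ESCALATION_RULES = {
    "PassRole+CreateFunction": {"iam:PassRole", "lambda:CreateFunction"},
    "CreatePolicyVersion": {"iam:CreatePolicyVersion"},
    "AssumeRole": {"sts:AssumeRole"},
}

def as_list(value):
    """Policy JSON allows a single item or a list for Statement and Action."""
    if isinstance(value, list):
        return value
    return [] if value is None else [value]

def allowed_patterns(document):
    """Collect lowercased Action patterns from Allow statements (NotAction is not evaluated)."""
    patterns = []
    for stmt in as_list(document.get("Statement")):
        if stmt.get("Effect") == "Allow":
            patterns += [a.lower() for a in as_list(stmt.get("Action"))]
    return patterns

def grants(patterns, action):
    """IAM action matching is case-insensitive and supports * and ? wildcards."""
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def find_escalation_paths(auth_details):
    """Return {policy name: [rule names]} for the default version of each managed policy."""
    findings = {}
    for policy in auth_details.get("Policies", []):
        for version in policy.get("PolicyVersionList", []):
            if not version.get("IsDefaultVersion"):
                continue  # only the default version is in effect
            patterns = allowed_patterns(version["Document"])
            hits = [name for name, actions in ESCALATION_RULES.items()
                    if all(grants(patterns, a) for a in actions)]
            if hits:
                findings[policy["PolicyName"]] = hits
    return findings

def _sample_policy(name, statement):  # helper for the constructed sample only
    return {"PolicyName": name, "PolicyVersionList": [
        {"IsDefaultVersion": True, "Document": {"Statement": statement}}]}

SAMPLE = {"Policies": [  # constructed data, not from a real account
    _sample_policy("ci-deployer", [{"Effect": "Allow", "Action": ["iam:PassRole", "lambda:Create*"], "Resource": "*"}]),
    _sample_policy("log-reader", {"Effect": "Allow", "Action": "logs:GetLogEvents", "Resource": "*"}),
    _sample_policy("iam-admin", [{"Effect": "Allow", "Action": "iam:*", "Resource": "*"}]),
]}
```

The check ignores Deny statements, conditions, permission boundaries and inline policies on users, groups and roles, so a hit is a lead to review rather than proof of an exploitable path.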