aws-iam

The skill aims to provide architecture guidance for AWS IAM and delegates provisioning actions to an official AWS agent plugin. This is generally coherent with its stated purpose, given IAM tasks are executed via a trusted plugin rather than direct shell commands. Key security considerations include ensuring proper credential handling by the plugin (no hard-coded credentials, secure storage, proper least-privilege IAM roles for the plugin), validating the plugin source, and ensuring that the data flow to AWS IAM APIs does not leak credentials or misconfigure permissions. Overall, the footprint is plausible and moderately scoped, with moderate risk primarily around plugin trust and credential management.