Refresh AWS CIS v5 evidence mapping #318

Closed
x0tta6bl4-ai wants to merge 1 commit into UnitOneAI:main from x0tta6bl4-ai:improve/aws-cis-v5-213

@x0tta6bl4-ai

Summary

  • Refreshes aws-review from a CIS AWS Foundations v3.0.0-only, 62-denominator model to CIS AWS Foundations v5.0.0-aware reporting.
  • Adds benchmark preflight fields for benchmark version, source date, Security Hub standard ARN/version, evidence source, legacy baseline, and denominator source.
  • Adds support-status categories for current v5 supported, legacy, removed, unsupported by Security Hub, manual evidence, and not evaluable controls.
  • Replaces the old five-section v3-only checklist with a Security Hub CSPM v5.0.0 control-family catalog and version mapping/scoring rules.
  • Adds benign and vulnerable fixtures showing a proper Security Hub v5 report versus a stale v3 report presented as current.

Bounty

  • Closes [REVIEW] aws-review: refresh CIS AWS v5 control mapping #213
  • Category: Skill Improvement
  • Suggested tier: Moderate ($100) because this updates the default benchmark baseline, output schema, evidence model, scoring rules, companion checklist, references, and fixtures.
  • Preferred payment method: crypto to 0x6017613e80d7893EB2aD5c0585b3f1f88CD6e099

Verification

  • git diff --check
  • Markdown fence balance check for touched markdown files
  • Frontmatter delimiter check for skills/cloud/aws-review/SKILL.md
  • Markdown table column check for touched markdown files
  • Link checks returned HTTP 200 for AWS Security Hub CIS docs, AWS v5.0 announcement, CIS AWS benchmark page, AWS security docs, IAM best practices, CloudTrail docs, Security Hub docs, VPC security docs, and Terraform AWS provider docs
  • AWS docs content check confirmed Security Hub CSPM supports CIS AWS Foundations Benchmark v5.0.0, recommends v5.0.0 to stay current, and documents v5 controls including Account.1, CloudTrail.1, EC2.54, and S3.23
  • AWS announcement content check confirmed the CIS AWS Foundations Benchmark v5.0 standard includes 40 automated controls

Sources

Bounty Terms

  • I have read and agree to the CONTRIBUTING.md bounty terms.

@x0tta6bl4-ai force-pushed the improve/aws-cis-v5-213 branch from 8827864 to a798c90 on June 3, 2026 11:56

@kamalsrini

Contributor

Thanks for contributing to SecuritySkills, and for your interest in the project 🙏

We're resetting the contribution queue, so we're closing the currently open PRs — this isn't a reflection of your work, and you're welcome to resubmit.

When you do, please include evidence that the skill was actually used: the skill run against a real repository, with the findings it produced. That's how we recognize genuinely useful contributions, and it's where strong work stands out. The PR template lays out exactly what to include: https://github.com/UnitOneAI/SecuritySkills/blob/main/.github/PULL_REQUEST_TEMPLATE.md

@kamalsrini closed this on Jun 15, 2026