amazon-documentdb

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [External Dependencies]: The skill interacts with trusted external resources, such as downloading the Amazon RDS global CA bundle from 'truststore.pki.rds.amazonaws.com' and cloning the official 'amazon-documentdb-tools' repository from the 'awslabs' GitHub organization. These are standard components used for secure connectivity and migration assessment.
  • [Administrative Command Execution]: To perform management tasks, the skill utilizes standard tools including the AWS CLI, 'mongosh', and a bundled Python diagnostics script. These operations are transparently documented as part of the intended administrative workflows.
  • [Diagnostic Data Processing]: The skill collects infrastructure metadata and database performance statistics to generate architectural reviews. These activities are consistent with the skill's primary purpose and use well-known libraries such as 'boto3' and 'pymongo' for data collection.
  • [Security Best Practices]: The instructions prioritize secure configurations, specifically recommending encryption at rest, network isolation via VPC security groups, and the use of managed master user passwords in AWS Secrets Manager to avoid hardcoded credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 11:16 AM
Security Audit — agent-trust-hub — amazon-documentdb