amazon-elasticache

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • Security Audit Functionality: The skill includes a dedicated security_audit.py script designed to inspect existing caches. This script reviews configurations such as TLS, authentication modes, and encryption at rest to help maintain a secure posture.
  • Input Validation Framework: A central input_validator.py script is utilized across the skill's workflows. It sanitizes user-provided values for cache names, IDs, and regions before they are used in commands, acting as a safeguard against potential injection patterns.
  • Authentication Guidance: The instructions prioritize secure authentication methods, specifically recommending IAM authentication and RBAC (Role-Based Access Control) while discouraging legacy AUTH tokens.
  • Encrypted Communication: The skill enforces TLS (in-transit encryption) as a requirement for serverless deployments and as a recommended best practice for node-based clusters.
  • Controlled Command Execution: The start_tunnel.py script uses system processes to initiate AWS SSM sessions. This is used for establishing secure tunnels to VPC-internal resources, following established cloud management patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 11:35 PM
Security Audit — agent-trust-hub — amazon-elasticache