amazon-elasticache
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- Security Audit Functionality: The skill includes a dedicated
security_audit.pyscript designed to inspect existing caches. This script reviews configurations such as TLS, authentication modes, and encryption at rest to help maintain a secure posture. - Input Validation Framework: A central
input_validator.pyscript is utilized across the skill's workflows. It sanitizes user-provided values for cache names, IDs, and regions before they are used in commands, acting as a safeguard against potential injection patterns. - Authentication Guidance: The instructions prioritize secure authentication methods, specifically recommending IAM authentication and RBAC (Role-Based Access Control) while discouraging legacy AUTH tokens.
- Encrypted Communication: The skill enforces TLS (in-transit encryption) as a requirement for serverless deployments and as a recommended best practice for node-based clusters.
- Controlled Command Execution: The
start_tunnel.pyscript uses system processes to initiate AWS SSM sessions. This is used for establishing secure tunnels to VPC-internal resources, following established cloud management patterns.
Audit Metadata