aws-amplify
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- Official Resource Integration: The skill references and downloads project templates and libraries from official AWS and Amplify GitHub organizations (e.g., aws-samples, aws-amplify). These are trusted sources consistent with the vendor's own infrastructure.
- Secure Secrets Management: The documentation emphasizes the use of the secret() API and AWS Systems Manager (SSM) Parameter Store (SecureString) for handling sensitive credentials like OAuth client secrets, which is a recommended security practice to avoid hardcoding secrets in source control.
- Safe Dependency Management: Package installations use standard package managers (npm, pub, SPM) and refer to official Amplify SDKs and UI components. Remote repository access is limited to well-known, vendor-managed templates.
- AI Feature Considerations: The skill includes patterns for integrating AI via Amazon Bedrock. It correctly identifies the necessity of authorization rules (owner-based access for conversations) and notes that PII should be handled carefully, recommending CloudWatch Logs encryption (KMS).
- Infrastructure as Code (IaC): Usage of AWS CDK for custom resources and overrides follows standard AWS development workflows for extending managed service capabilities.
Audit Metadata