setup-devops-agent

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [Command Execution]: The skill uses various shell commands for environment diagnostics and connectivity verification. This includes aws sts get-caller-identity to check credentials and curl to test API endpoints. These are standard practices for verifying a DevOps environment.
  • [Remote Code Execution]: The skill instructs the installation and execution of mcp-proxy-for-aws via uvx. This involves downloading and running code from a remote source. Given the skill's purpose as an AWS setup tool, this is considered intended functionality.
  • [External Downloads]: The documentation includes instructions for installing the uv tool using a remote script (curl -LsSf https://astral.sh/uv/install.sh | sh). While this is a common installation pattern for this tool, users should ensure they trust the source before execution.
  • [Sensitive Data Handling]: The skill manages authentication through Bearer tokens and AWS SigV4 credentials. It provides clear guidance on setting environment variables (DEVOPS_AGENT_TOKEN) and writing configuration files (.mcp.json) to manage these secrets appropriately within the local environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 07:17 AM
Security Audit — agent-trust-hub — setup-devops-agent