setup-devops-agent
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [Command Execution]: The skill uses various shell commands for environment diagnostics and connectivity verification. This includes
aws sts get-caller-identityto check credentials andcurlto test API endpoints. These are standard practices for verifying a DevOps environment. - [Remote Code Execution]: The skill instructs the installation and execution of
mcp-proxy-for-awsviauvx. This involves downloading and running code from a remote source. Given the skill's purpose as an AWS setup tool, this is considered intended functionality. - [External Downloads]: The documentation includes instructions for installing the
uvtool using a remote script (curl -LsSf https://astral.sh/uv/install.sh | sh). While this is a common installation pattern for this tool, users should ensure they trust the source before execution. - [Sensitive Data Handling]: The skill manages authentication through Bearer tokens and AWS SigV4 credentials. It provides clear guidance on setting environment variables (
DEVOPS_AGENT_TOKEN) and writing configuration files (.mcp.json) to manage these secrets appropriately within the local environment.
Audit Metadata