amazon aurora dsql
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides templates for using standard, official administrative tools such as the AWS CLI (
aws dsql) andpsql. These commands are used for legitimate cluster management tasks and query plan analysis, utilizing secure IAM-based authentication patterns. - [EXTERNAL_DOWNLOADS]: The skill references official Amazon Web Services documentation and the
aws-samplesGitHub repository. These sources are well-known and trusted for providing configuration guidance and implementation examples. - [PROMPT_INJECTION]: While the skill processes user-supplied SQL and database migration files, it mitigates potential risks through mandated security controls. It enforces the use of
safe_query.build()for input sanitization anddsql_lintfor compatibility validation, effectively preventing malicious SQL injection or unauthorized cross-tenant data access.
Audit Metadata