rds
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses subprocess calls to interact with the AWS CLI for identity verification (sts get-caller-identity), cluster discovery (rds describe-db-clusters), and IAM token generation (rds generate-db-auth-token). These are legitimate uses of official tools required for the skill's primary function and are handled with controlled arguments.
- [EXTERNAL_DOWNLOADS]: During the interactive setup process, the skill may use the system's Python package manager (pip) to install the 'psycopg2-binary' library from the official Python Package Index (PyPI). This is a standard dependency for PostgreSQL interaction and is documented in the prerequisites.
- [SAFE]: Authentication is managed entirely through AWS IAM database authentication tokens. No passwords, long-term access keys, or secrets are stored in configuration files or code. The configuration file (~/.rds-skill/config.json) only contains connection metadata such as hostnames and database names.
- [PROMPT_INJECTION]: The skill implements defensive SQL validation in its shared client library (scripts/lib/client.py). This validation blocks multi-statement queries (semicolon separation) across all modes and enforces a strict read-only keyword whitelist when the connection is in the default 'reject' write-mode. This provides a strong layer of protection against unauthorized database operations.
- [DATA_EXFILTRATION]: Network operations are restricted to establishing connections with AWS RDS endpoints via the psycopg2 library and generating tokens via the AWS CLI. No unauthorized data transfers to third-party domains were detected.