opensearch-skills

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to manage a local OpenSearch environment via Docker (scripts/lib/client.py) and to identify the process port for the Search Builder UI using the lsof utility (scripts/lib/ui.py). Both use cases pass argument lists to prevent shell injection and are consistent with the skill's infrastructure management role.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to retrieve sample data from user-provided URLs (scripts/lib/samples.py) and fetches documentation results from DuckDuckGo (scripts/opensearch_ops.py). These operations are essential for its functionality as a search application builder.
  • [CREDENTIALS_UNSAFE]: Administrative default passwords (myStrongPassword123!) are used within the Docker bootstrapping logic (scripts/lib/client.py and scripts/start_opensearch.sh) to simplify local development setup. The skill also facilitates the handling of AWS credentials through established standard libraries like boto3.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:08 AM