Skills
skills/aws-samples/sample-agent-skills-for-builders/aws-mcp-setup/Gen Agent Trust Hub

aws-mcp-setup

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests access to standard system tools (which, cat) and specific CLI tools (aws, claude) to verify the local environment. These commands are used to check for the existence of the uv package manager, verify AWS credential status via aws sts get-caller-identity, and list existing MCP configurations.
  • [DATA_EXPOSURE]: The skill reads configuration files (.mcp.json, ~/.claude.json). These files are the standard location for MCP server settings. The skill uses these to check if AWS-related servers are already configured, preventing duplicate setup.
  • [EXTERNAL_DOWNLOADS]: The configuration guides reference official AWS resources including the mcp-proxy-for-aws package from the aws GitHub organization and API endpoints on the api.aws domain. These are trusted vendor resources for the stated purpose of AWS integration.
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user/agent to configure a server using uvx mcp-proxy-for-aws@latest. This utility runs the official AWS MCP proxy. As this is part of the documented setup for an official AWS service and uses a trusted package from an official source, it is considered safe functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 09:26 AM