skills/giuseppe-trisciuoglio/developer-kit-claude-code/aws-rds-spring-boot-integration/Gen Agent Trust Hub
aws-rds-spring-boot-integration
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references downloading an SSL certificate bundle from Amazon's official trust store (truststore.pki.rds.amazonaws.com). This is a secure and expected operation for establishing encrypted database connections to a well-known service.
- [CREDENTIALS_UNSAFE]: Documentation examples contain hardcoded dummy credentials like 'YourStrongPassword123!' and 'root'. These are clearly intended as placeholders for instructional purposes and do not constitute a security risk in the context of the skill's primary purpose.
- [COMMAND_EXECUTION]: The skill utilizes shell commands via the Bash tool for administrative tasks such as environment variable configuration and connectivity testing using standard utilities like telnet, mysql, and psql clients.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it involves processing configuration parameters that could be sourced from external data.
  1. Ingestion points: Database endpoints and credentials in property files and environment variables.
  2. Boundary markers: Absent.
  3. Capability inventory: Access to Bash, Write, and Edit tools to modify system state based on configuration.
  4. Sanitization: No explicit validation or sanitization of configuration inputs is mentioned in the instructions.