The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (SAFE): The file references/advanced-configuration.md includes a wget command to download the official AWS RDS CA certificate bundle from truststore.pki.rds.amazonaws.com. This is a standard and safe operation for configuring secure database connections.
[DATA_EXFILTRATION] (SAFE): The configuration examples correctly promote the use of AWS Secrets Manager to retrieve database credentials at runtime, which is a significant security improvement over hardcoding credentials in property files.
[COMMAND_EXECUTION] (SAFE): Includes routine infrastructure management commands such as telnet for port testing and mysql/psql for database connectivity verification. These are standard troubleshooting tools and are used appropriately in context.
[CREDENTIALS_UNSAFE] (SAFE): No hardcoded secrets, API keys, or passwords were found. All JDBC URLs and property values use standard placeholders (e.g., myapp-aurora-cluster.cluster-abc123xyz.us-east-1.rds.amazonaws.com).
[DATA_EXPOSURE] (LOW): The DatabaseHealthController snippet in references/troubleshooting.md includes the database URL in its response. While intended for troubleshooting, exposing internal connection strings in production APIs can reveal network architecture details.

aws-rds-spring-boot-integration