Skills
NYC
skills/giuseppe-trisciuoglio/developer-kit/aws-sdk-java-v2-secrets-manager/Gen Agent Trust Hub

aws-sdk-java-v2-secrets-manager

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Full Analysis
  • [SAFE] (SAFE): No malicious patterns, prompt injections, or exfiltration vectors were detected in the documentation or code snippets.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references official AWS SDK dependencies for Maven and Gradle. These are hosted on Maven Central, which is a trusted repository.
  • [CREDENTIALS_UNSAFE] (SAFE): While the skill's primary purpose is secret management, it contains no hardcoded credentials, API keys, or private tokens. It correctly demonstrates the use of AwsCredentialsProvider placeholders.
  • [FALSE POSITIVE ALERT] (SAFE): The automated scanner alert for 'this.ca' is a false positive. It was triggered by the Java code this.cache in references/caching-guide.md, where the scanner incorrectly parsed the variable access as a Canadian TLD URL.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 04:54 PM