aws-aurora
Facilitates efficient connection management for AWS Aurora databases using serverless architecture and RDS Proxy for optimal performance.
Install this skill
Security score
The aws-aurora skill was audited on Jun 8, 2026 and we found 23 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Direct command execution function call
| 469 | execSync('npx prisma migrate deploy', { |
Template literal with variable interpolation in command context
| 452 | ```yaml |
Node child_process module reference
| 465 | import { execSync } from 'child_process'; |
Access to .env file
| 98 | hostname: process.env.RDS_PROXY_ENDPOINT!, |
Access to .env file
| 100 | username: process.env.DB_USER!, |
Access to .env file
| 101 | region: process.env.AWS_REGION! |
Access to .env file
| 109 | host: process.env.RDS_PROXY_ENDPOINT, |
Access to .env file
| 111 | database: process.env.DB_NAME, |
Access to .env file
| 112 | user: process.env.DB_USER, |
Access to .env file
| 170 | secretArn: process.env.DB_SECRET_ARN!, |
Access to .env file
| 171 | resourceArn: process.env.DB_CLUSTER_ARN!, |
Access to .env file
| 172 | database: process.env.DB_NAME!, |
Access to .env file
| 173 | region: process.env.AWS_REGION! |
Access to .env file
| 352 | db: { url: process.env.DATABASE_URL } |
Access to .env file
| 471 | ...process.env, |
Access to .env file
| 472 | DATABASE_URL: process.env.DATABASE_URL |
Access to .env file
| 512 | host: process.env.DB_HOST, |
Access to .env file
| 514 | database: process.env.DB_NAME, |
Access to .env file
| 515 | user: process.env.DB_USER, |
Access to .env file
| 516 | password: process.env.DB_PASSWORD, |
Access to .env file
| 571 | hostname: process.env.DB_HOST!, |
Access to .env file
| 581 | host: process.env.DB_HOST, |
Access to .env file
| 596 | new GetSecretValueCommand({ SecretId: process.env.DB_SECRET_ARN }) |