Opensearch Vector Search
v1.3.2Amazon OpenSearch vector search expert knowledge base. Comprehensive guidance on vector search configuration, cluster tuning, quantization, cost optimization...
⭐ 0· 128·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (OpenSearch vector search KB + live analysis + pricing) matches the included artifacts: reference docs, a cluster analyzer script, and an AWS pricing script. Declared tools (python3, boto3, opensearch-py) and optional AWS env vars are proportional to the pricing and analysis features.
Instruction Scope
SKILL.md explicitly warns not to execute reference examples automatically and states the scripts are read-only and run only with explicit user consent. That scope is appropriate, but running the analyzer requires the user to provide cluster credentials — that grants the script read access to cluster state and metadata, so users should only provide least-privilege credentials and inspect the script before running. The SKILL.md's instructions are reasonably scoped but rely on operator discipline.
Install Mechanism
This is instruction-only (no install spec). There are two Python scripts included but no automatic installation or remote download steps. No high-risk download URLs or archive extraction were specified in the manifest.
Credentials
No required environment variables are forced; AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are declared optional and explicitly documented as only necessary for running the pricing script. No unrelated credentials, config paths, or excessive env requirements are requested.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not claim to modify other skill configs. It requires explicit user action to run scripts that may open network connections.
Assessment
This skill appears coherent with its stated purpose, but take these precautions before running anything or providing credentials:
- Inspect the two scripts (scripts/analyze_cluster.py and scripts/get_opensearch_pricing.py) yourself or run them in an isolated environment to confirm they only perform read-only API calls and send data only to expected endpoints (your OpenSearch cluster and AWS Pricing API).
- When asked to provide OpenSearch credentials, supply a least-privilege account (read-only, limited indices) rather than an admin user. Prefer short-lived credentials if possible.
- For AWS pricing, use an IAM user/role with minimal permissions required for the Pricing API (or run the script locally under your own AWS profile) and rotate any credentials after use.
- Do not allow the agent to automatically execute example curl/PUT/POST snippets from the references; treat those as documentation only.
- Review network activity (outbound connections) when running the scripts to ensure no unexpected endpoints receive data.
If you want additional assurance, paste the full contents of the two scripts here (or review them locally) and I can point out any lines that attempt to write, modify indices, or contact unexpected hosts. If you cannot review the code, consider running it on a disposable machine or container with no credentials first.Like a lobster shell, security has layers — review code before you run it.
awsvk972pwyjf9xhexzdqhqw8qe3718374njknnvk972pwyjf9xhexzdqhqw8qe3718374njlatestvk97fy5835y8mfbna657weaw3g1838nzbopensearchvk972pwyjf9xhexzdqhqw8qe3718374njvector-searchvk972pwyjf9xhexzdqhqw8qe3718374nj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.