awslabs.aws-documentation-mcp-server

v1.1.24 safe
3.0
Low Risk

An AWS Labs Model Context Protocol (MCP) server for AWS Documentation

🤖 AI Analysis

Final verdict: SAFE

The package primarily interacts with AWS services via HTTP and has no evidence of malicious activities such as shell execution or credential harvesting. The risks noted are minor and do not indicate a supply-chain attack.

  • Network calls appear standard
  • No shell execution detected
  • Code obfuscation is benign
  • Credentials risk is low
Per-check LLM notes
  • Network: Network calls appear to be standard HTTP requests, possibly for interacting with AWS services, but the incomplete code snippets raise some uncertainty.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: The observed pattern is a common technique to extend the search path for packages and is not inherently malicious.
  • Credentials: The code snippet appears to be fetching an environment variable for partition configuration rather than harvesting secrets; however, it should be ensured that sensitive information is not being logged or mishandled.
  • Metadata: The author has only one package, suggesting a new or less active account, but no other red flags are present.

📦 Package Quality Overall: Medium (6.6/10)

✦ High Test Suite 9.0

Test suite present — 17 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 17 test file(s) detected (e.g. __init__.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://awslabs.github.io/mcp/servers/aws-documentation-mcp-
  • Detailed PyPI description (6925 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 16 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 42 unique contributor(s) across 100 commits in awslabs/mcp
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • _intent ) async with httpx.AsyncClient() as client: try: response = await clien
  • ESSION_UUID}' async with httpx.AsyncClient() as client: try: response = await clien
  • SESSION_UUID}' async with httpx.AsyncClient() as client: try: response = await clien
  • {query_id}') async with httpx.AsyncClient() as client: try: response = await clien
Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • amespace packages. __path__ = __import__('pkgutil').extend_path(__path__, __name__) # Copyright Amazon.com, In
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • EL', 'WARNING')) PARTITION = os.getenv('AWS_DOCUMENTATION_PARTITION', 'aws').lower() def main(): "
Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: users.noreply.github.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository awslabs/mcp appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Amazon Web Services" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with awslabs.aws-documentation-mcp-server 
Create a web-based documentation explorer tool using the 'awslabs.aws-documentation-mcp-server' package. This tool will allow users to explore and search through AWS documentation dynamically. Here are the steps and features you need to implement:

1. **Setup Environment**: Ensure Python 3.8+ is installed. Install the required packages including 'awslabs.aws-documentation-mcp-server'.
2. **Initialize MCP Server**: Use the 'awslabs.aws-documentation-mcp-server' to initialize a Model Context Protocol server which will serve as the backend for fetching AWS documentation data.
3. **Frontend Development**: Develop a simple but intuitive frontend using HTML/CSS/JavaScript to interact with the MCP server. Implement a search bar for querying specific topics within AWS documentation.
4. **API Integration**: Create RESTful APIs that interact with the MCP server to fetch and filter documentation based on user queries. This API should support GET requests for searching, filtering, and retrieving document sections.
5. **User Interface Features**:
   - **Search Functionality**: Allow users to search for keywords across all AWS documentation sections.
   - **Filter Options**: Provide options to filter results by service (e.g., S3, Lambda, RDS).
   - **Dynamic Loading**: Implement dynamic loading of content as users navigate through different sections of the documentation.
6. **Security Measures**: Ensure that any sensitive information is handled securely. Consider implementing basic authentication for accessing the API endpoints.
7. **Testing**: Write unit tests for your APIs and integration tests to ensure the frontend works seamlessly with the backend.
8. **Deployment**: Deploy the application on a cloud platform like AWS or Heroku. Make sure to configure environment variables for any secrets or API keys.

By following these steps, you'll create a valuable tool for developers looking to quickly find information in the vast AWS documentation library.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!