diff --git a/README.md b/README.md
index 82468bf..404dd90 100644
--- a/README.md
+++ b/README.md
@@ -182,6 +182,9 @@ Release process:
 [94](https://github.com/Kong/lua-resty-aws/pull/94)
 - fix: fix the bug of missing boolean type with a value of false in the generated request body
 [100](https://github.com/Kong/lua-resty-aws/pull/100)
+- security: remove the documentation entry that contains a sample access key from AWS SDK. This
+ avoids false postive vulnerability report.
+ [102](https://github.com/Kong/lua-resty-aws/pull/102)
 ### 1.3.6 (25-Dec-2023)
diff --git a/update_api_files.sh b/update_api_files.sh
index 824e67f..93a531a 100755
--- a/update_api_files.sh
+++ b/update_api_files.sh
@@ -11,6 +11,7 @@ SDK_VERSION_TAG=v2.751.0
 # ----------- nothing to customize below -----------
 TARGET=./src/resty/aws/raw-api
 SOURCE=./delete-me
+TFILE=$(mktemp)
 set -e
 pushd "$(dirname "$(realpath "$0")")" > /dev/null
@@ -74,6 +75,9 @@ echo "]===]))" >> "$FILENAME"
 # Copy the individual API files
 for f in "${file_list[@]}"; do
 source_file=$SOURCE/apis/$f.normal.json
+ # remove example keys from documentation to prevent security reports from being triggered
+ jq 'walk( if (type == "object") and has("documentation") and (.documentation|contains("wJalrXUtnFEMI")) then del(.documentation) else . end )' "$source_file" >| "$TFILE"
+ mv -f "$TFILE" "$source_file"; touch "$TFILE"
 # replace . with - since . can't be in a Lua module name
 target_file=$TARGET/${f//./-}.lua
 echo "adding: $target_file"
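Review bot: `TFILE=$(mktemp)` is assigned above `set -e`, so a failed mktemp is not caught at that point and only surfaces later when the loop redirects into an empty path. Nothing visible in this hunk removes the file on exit either, and the loop hunk's trailing `touch "$TFILE"` recreates it after the last `mv`, so each run appears to leave one stray file in the temp directory. Moving the assignment below `set -e` and adding `trap 'rm -f -- "$TFILE"' EXIT` would cover both; the script continues outside the hunk, so an existing trap elsewhere cannot be ruled out from here.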
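Review bot: After `mv -f "$TFILE" "$source_file"` the temp name is free again, and `touch "$TFILE"` re-creates it at a path that is now fixed rather than freshly chosen, so every iteration after the first writes to a known name in the shared temp directory without mktemp's exclusive-create guarantee. Creating the temp file per iteration next to the target removes the reuse and keeps the rename on one filesystem: `tmp=$(mktemp "$source_file.XXXXXX")`, then `jq '…' "$source_file" > "$tmp"`, then `mv -f "$tmp" "$source_file"`. The filter also keys on the single literal `wJalrXUtnFEMI`, so any other sample credential in the SDK documentation would still reach the generated files and could keep triggering scanner reports; the comment should say what that string is (presumably the prefix of the AWS documentation example secret key) and that the match is deliberately narrow. The `for` loop body continues outside the hunk.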