terraform-security
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a security-focused guide for infrastructure-as-code, emphasizing the protection of sensitive state files and environment variables.
- [SAFE]: No hardcoded credentials or malicious scripts were found; the provided code snippets use placeholders and secure secret-handling patterns (e.g., GitHub Secrets, GCP Secret Manager).
- [SAFE]: The provided GitHub Actions workflow references official, well-known actions from the 'actions' and 'hashicorp' organizations.
- [SAFE]: The .gitignore templates correctly implement data exposure prevention by excluding Terraform state and variable files that typically contain secrets in plaintext.
Audit Metadata