terraform-github-actions-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches GitHub Actions from trusted vendors (Google, HashiCorp, AWS, GitHub) and reputable infrastructure tools (Aqua Security, Bridgecrew, Infracost, Gruntwork). Each resource is identified by a specific commit SHA for integrity.
- [REMOTE_CODE_EXECUTION]: Executes automation scripts and security scanners via GitHub Actions. All external actions are pinned to specific 40-character commit SHAs to prevent supply chain attacks.
- [COMMAND_EXECUTION]: Runs Terraform and Terragrunt CLI commands for infrastructure management. Commands are configured with security flags like
-input=falseand-no-colorto ensure safe, non-interactive execution. - [PROMPT_INJECTION]: The skill processes untrusted pull request data and plan outputs.
- Ingestion points: Pull request branch names (
github.event.pull_request.head.ref) and Terraform plan outputs (steps.plan.outputs.stdout) are ingested from the environment. - Boundary markers: Plan outputs are wrapped in markdown triple backticks and HTML details tags within pull request comments.
- Capability inventory: Employs
actions/github-scriptto write and update comments on GitHub pull requests using thepull-requests: writepermission. - Sanitization: Implements content truncation at 60,000 characters to prevent excessive content injection. Note: One template interpolates a branch name directly into a script string, which could allow for indirect injection if a malicious branch name contains escape characters.
Audit Metadata