terraform-github-actions-deploy

The skill's footprint is coherent with its stated purpose: it guides the creation of secure Terraform Terragrunt CI/CD workflows using OIDC/WIF, enforces non-interactive credentials, and integrates IaC security scanning. The data flows align with legitimate CI patterns (PR comments, status checks, artifact handling) and do not reveal credential harvesting or unauthorized data leakage. The use of pinned official Actions with SHA pins, and restricted permissions, further supports a benign/executable intent suitable for infrastructure automation tooling. Overall, the risk posture is low to moderate (benign) given the described scope, with proper supply-chain hygiene and least-privilege configurations.