Skills
skills/akin-ozer/cc-devops-skills/terraform-validator/Socket

terraform-validator

Warn

Audited by Socket on Mar 4, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

The analyzed fragment presents a solid, policy-driven Terraform validation workflow with appropriate tooling and reference material. There is no indication of malicious behavior within the fragment itself. The primary risk lies in external script provenance and network-reliant provider documentation lookups. Recommend strict provenance controls: pin tool versions, verify checksov/tflint/wrappers, and ensure all provider docs fetches are from trusted sources. Overall assessment: benign with moderate supply-chain risk dependent on external script integrity.

Confidence: 75%Severity: 75%
Audit Metadata
Analyzed At
Mar 4, 2026, 08:55 AM
Package URL
pkg:socket/skills-sh/akin-ozer%2Fcc-devops-skills%2Fterraform-validator%2F@648099a3bdc2aba83ac7520849d53d4a37bfa5fd