terragrunt-validator
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Trivy security scanner installation script from the official Aqua Security GitHub repository. Aqua Security is a well-known security vendor, and the use of their official installation script is a standard practice for integrating this tool.
- [COMMAND_EXECUTION]: Executes Terragrunt, Terraform/OpenTofu, TFLint, and security scanners (Trivy, Checkov) as part of its core validation and auditing functionality. These operations are scoped to the target infrastructure directory provided by the user.
- [PROMPT_INJECTION]: The skill instructs the agent to perform documentation lookups for custom providers and modules identified in HCL files. While this involves processing external data, it is a core feature of the skill designed to help the user understand their infrastructure dependencies and does not attempt to bypass safety guidelines.
- [SAFE]: The skill uses placeholders for sensitive data (such as AWS account IDs and API keys) in its test fixtures and examples. It also correctly recommends the use of environment variables and IAM roles for authentication instead of hardcoded credentials.
Audit Metadata