terragrunt-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly requires fetching and reading third‑party documentation via WebSearch, Terraform Registry URLs, Git/HTTP module pages, or Context7 MCP for every detected custom provider/module ("Documentation lookup workflow (MANDATORY for ALL detected custom resources)"), so the agent will ingest untrusted, user-generated web content that can alter validation/authentication actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes Terragrunt stack sources like "git::git@github.com:acme/infra-catalog.git//units/vpc?ref=v0.0.1" which Terragrunt will clone at runtime (e.g., during terragrunt stack generate/init) and the fetched module code is executed by Terraform/Terragrunt, so this is a runtime external dependency that executes remote code.