data-iac
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWNO_CODE
Full Analysis
- SAFE: No security vulnerabilities or malicious patterns detected. The skill consists entirely of documentation and best-practice templates for cloud infrastructure management.- INDIRECT_PROMPT_INJECTION (INFO): The skill provides patterns for processing infrastructure variables. While this is an ingestion surface for user-controlled data, the patterns include best practices for input validation and do not contain executable code that would directly process untrusted data.
- Ingestion points: variables.tf, terraform.tfvars, and CDK stack props.
- Boundary markers: Absent (natural delimiter of HCL/TypeScript files).
- Capability inventory: None (Documentation only), though it guides high-privilege cloud provisioning actions.
- Sanitization: Skill promotes the use of HCL validation blocks for input checking.
Audit Metadata