managing-infra

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill promotes security best practices by explicitly instructing the agent to perform dry-runs (terraform plan, kubectl diff, helm upgrade --dry-run) and request user confirmation before executing any state-changing commands.
  • [SAFE]: Kubernetes resource patterns include hardened securityContext configurations, such as enforcing runAsNonRoot, using readOnlyRootFilesystem, and dropping all Linux capabilities (drop: [ALL]).
  • [SAFE]: GitHub Actions patterns emphasize supply chain security by recommending pinning third-party actions to specific commit SHAs instead of floating tags and defining least-privilege permissions blocks.
  • [SAFE]: Dockerfile templates utilize multi-stage builds and minimal, non-root base images (like Distroless and Python-slim) to minimize the container attack surface.
  • [SAFE]: Terraform patterns include recommendations for handling sensitive outputs using the sensitive = true attribute and leveraging local variables for common tags to ensure consistent environment tracking.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 08:41 PM