writing-infrastructure-code

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill instructs running Terraform/Pulumi commands and explicitly references public module registries and git sources (e.g., module source "terraform-aws-modules/vpc/aws", git::https://github.com/..., and scripts that call terraform init / pulumi preview), which causes the agent/runtime to fetch and process untrusted public third‑party modules/providers and their outputs as part of its workflow.