terraform-state-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill contains instructions for executing standard Terraform CLI commands like
terraform import,state mv, andstate rm. These are appropriate for the intended purpose of a state manager and are accompanied by safety warnings and verification steps. - [DATA_EXPOSURE] (SAFE): While Terraform state files are highly sensitive, the skill correctly identifies this risk by recommending S3 backends with encryption and DynamoDB locking. There are no patterns suggesting unauthorized access or exfiltration of these files.
- [PROMPT_INJECTION] (SAFE): No instruction overrides, bypass markers, or role-play injection patterns were found in the metadata or the body of the skill.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill guides an agent to process Terraform state files and command outputs (e.g.,
terraform show -json). - Boundary markers: None explicitly defined in the prompts, though it relies on standard CLI output formats.
- Capability inventory: The skill allows for modification of infrastructure state via the
terraformCLI. - Sanitization: Not applicable as this is a documentation-based skill providing a workflow for a human or agent to follow.
Audit Metadata