Skills
skills/bagelhole/devops-security-agent-skills/opentofu-migration/Gen Agent Trust Hub

opentofu-migration

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and execute an installation script from get.opentofu.org, which is the official domain for the OpenTofu project.
  • [COMMAND_EXECUTION]: Includes standard shell commands for managing Infrastructure-as-Code, such as tofu init, tofu plan, and tofu apply. These are essential to the primary purpose of the skill.
  • [REMOTE_CODE_EXECUTION]: Utilizes the opentofu/setup-opentofu GitHub Action and official Docker images from ghcr.io/opentofu/opentofu, which are standard deployment practices for this ecosystem.
  • [CREDENTIALS_UNSAFE]: Demonstrates secure practices for credential management, such as using environment variables (AWS_*, GOOGLE_*) and GitHub Actions OIDC (configure-aws-credentials) for infrastructure deployment.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 02:04 PM