terraform-state-management
Audited by Socket on Feb 24, 2026
1 alert found:
Malware [Skill Scanner]: Destructive bash command detected (rm -rf, chmod 777)

This skill is a legitimate Terraform state-management guide for GCS backends and contains standard administrative workflows. It does not contain signs of deliberate malware or hidden exfiltration, but it does include several high-risk operational instructions without adequate safety guardrails — most notably removing .gitignore (which can lead to committing sensitive state into Git), direct overwriting of remote state via gsutil cp, and routine use of terraform force-unlock. Those practices substantially raise the chance of accidental data exposure or state corruption if followed. Recommend editing the skill to remove the .gitignore removal, add explicit warnings about secrets and git, require validation steps before overwriting remote state, and recommend encryption and strict IAM for state buckets.

LLM verification: This skill is a useful, legitimate operator guide for Terraform state management with GCS. It does not contain obfuscated or malicious code. The main security concerns are unsafe example commands that could lead to accidental data loss or leakage (notably 'rm -f .gitignore' and deletion of state files). Recommend removing or heavily annotating destructive examples, instructing to verify backups before delete, enforcing object versioning and IAM on state buckets, and never committing state files.