terraform-skill
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents standard Infrastructure-as-Code (IaC) patterns for managing Terraform provisioners and Docker Compose deployments.
- [COMMAND_EXECUTION]: Provides idempotent shell command templates for Terraform
remote-execandlocal-execprovisioners. These commands are used for infrastructure setup tasks like waiting for cloud-init, verifying container health, and performing database migrations. - [EXTERNAL_DOWNLOADS]: References official and well-known service endpoints for operational purposes. Specifically, it includes snippets for interacting with Cloudflare's API (api.cloudflare.com) to manage tokens and Google's public DNS (dns.google) to validate record resolution.
- [DATA_EXFILTRATION]: Accesses local environment files (.env) and service configurations (Caddyfiles) to validate required variables and domain settings. This behavior is restricted to the local development environment and is necessary for the skill's stated purpose of pre-deployment validation.
Audit Metadata