import-infrastructure-as-code

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires fetching and reading remote AVM index and module README files at runtime (e.g., https://raw.githubusercontent.com/Azure/Azure-Verified-Modules/refs/heads/main/docs/static/module-indexes/TerraformResourceModules.csv and https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-res--/refs/heads/main/README.md), and those files are mandated to inform and direct the agent's code-generation decisions, so remote content directly controls the agent's instructions.