The Agent Skills Directory

NO_CODE (SAFE): The script scripts/analyze_plan.py referenced in SKILL.md and scripts/README.md is not included in the skill files. Only documentation and a JSON configuration file are provided.\n- Indirect Prompt Injection (SAFE): The skill is designed to process untrusted Terraform plan output, creating a potential attack surface. Evidence Chain: 1. Ingestion points: Processes external plan.json output via command-line arguments. 2. Boundary markers: None identified in the provided documentation. 3. Capability inventory: Execution logic is missing; documentation suggests local data processing for reporting. 4. Sanitization: Cannot be evaluated as the source code is not provided.

terraform-azurerm-set-diff-analyzer