terraform-stacks

Warn

Audited by Snyk on Feb 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs agents to call the HCP Terraform API (see references/api-monitoring.md and SKILL.md), for example GET /api/v2/stack-deployment-steps/{step-id}/stack-diagnostics and the artifacts endpoint /artifacts?name=apply-description, to fetch diagnostics and artifact JSON. These responses include module/file snippets from public registries, GitHub, and other external module sources. The agent is expected to parse the results and use them to drive monitoring/approval actions, so untrusted third-party content can influence its behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 26, 2026, 06:03 AM