terraform-stacks
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Command Execution]: The skill utilizes the
terraformCLI to perform infrastructure operations like initialization, validation, and configuration management. These commands are essential for the skill's intended purpose of managing cloud resources. - [Network Interaction]: For monitoring and automation, the skill documents requests to the HCP Terraform API (
app.terraform.io) usingcurl. These operations facilitate the retrieval of deployment status and outputs in non-interactive environments. - [Sensitive File Access]: The documentation describes extracting authentication tokens from the local Terraform credentials file (
~/.terraform.d/credentials.tfrc.json). This is a common practice for authenticating programmatic tools with the Terraform service. - [Data Processing Surface]: The skill processes configuration files (
.hcl) and API responses as input. TheterraformCLI serves as the primary tool for managing these inputs, with built-in HCL parsing and API validation providing structure and boundary enforcement for the data handled by the agent. - [Metadata Observation]: The skill's metadata contains a copyright notice that differs from the expected author. This appears to be a documentation artifact and does not impact the operational safety or functionality of the skill.
Audit Metadata