terraform-test
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- Infrastructure Validation Patterns: The skill documents the use of Terraform's built-in testing framework (
.tftest.hcl). The provided examples use standardrunandassertblocks to validate configuration logic, resource attributes, and module outputs without introducing suspicious behaviors. - Secure CI/CD Integration: The examples for GitHub Actions and GitLab CI pipelines utilize official HashiCorp tools and adhere to secure practices by storing cloud credentials as CI secrets rather than hardcoding them in configuration files.
- Controlled Module Resolution: The documentation explicitly limits module sources to local paths or the official Terraform Registry, which reduces the risk of fetching and executing untrusted code from unverified remote repositories.
- Indirect Prompt Injection Surface:
- Ingestion points: The skill involves the analysis and generation of Terraform configuration and test files (
.tf,.tftest.hcl). - Boundary markers: Absent; the skill does not specify delimiters for separating user-provided code from the agent's instructions.
- Capability inventory: The skill utilizes the
terraformCLI for initialization and testing, which involves network communication with cloud provider APIs and state file management. - Sanitization: No specific sanitization or escaping mechanisms are described for processing external HCL content, which is typical for infrastructure-as-code documentation.
Audit Metadata