terraform
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection as it ingests untrusted user data to generate Terraform modules which are then executed via documented CLI commands. \n
- Ingestion points: User input illustrated in the 'Examples' section (e.g., 'Input: Create a VPC module'). \n
- Boundary markers: Absent; there are no clear delimiters or instructions for the agent to ignore instructions embedded within the user data. \n
- Capability inventory: The skill documents 'terraform apply', which has the capability to create and modify cloud infrastructure. \n
- Sanitization: Absent; no escaping or validation of the input is specified. \n- [Command Execution] (SAFE): The skill documents standard, expected Terraform CLI commands for infrastructure automation. No suspicious shell piping or arbitrary code execution was detected. \n- [Data Exposure & Exfiltration] (SAFE): State management examples use standard S3 backends with encryption and locking. No hardcoded credentials, API keys, or sensitive local file path accesses were identified.
Audit Metadata