terraform
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to process Infrastructure-as-Code files, which serves as an ingestion point for untrusted data. The guidelines include mitigation through the use of security scanning tools.
- Ingestion points: Terraform configuration and test files (SKILL.md).
- Boundary markers: Mentions the use of standard validation commands.
- Capability inventory: Execution of Terraform CLI operations (SKILL.md).
- Sanitization: Recommends using Trivy and Checkov to scan configurations for security issues.
- [COMMAND_EXECUTION]: Outlines the usage of Terraform CLI commands and promotes the integration of security tools like tflint and checkov for static analysis.
- [SAFE]: The skill provides educational content focused on secure infrastructure deployment and least-privilege configurations.
Audit Metadata