opentofu-modules

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [COMMAND_EXECUTION] (INFO): The skill references the use of task (Go Task) and the tofu CLI to run tests and format code. These are standard development tools intended for local execution within the repository context.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill handles untrusted data in the form of user-provided infrastructure requirements to generate HCL code.
      • Ingestion points: User prompts used to populate variables.tf and main.tf templates.
      • Boundary markers: None explicitly defined in the templates.
      • Capability inventory: Execution of task tg:test which triggers tofu test on generated HCL.
      • Sanitization: The skill mitigates risks by strictly enforcing command = plan in test blocks, ensuring that even if malicious configuration is generated, it is validated without executing side effects or creating real cloud resources.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 11:57 AM