terragrunt
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (MEDIUM): The skill is designed to download and execute infrastructure code from external Git repositories via Terragrunt and OpenTofu. While standard for IaC, this allows execution of remote HCL and provider code on the runner. Severity is categorized as MEDIUM because this behavior is intrinsic to the skill's primary purpose.
- [EXTERNAL_DOWNLOADS] (MEDIUM): References remote Git repositories as sources for modules and stacks. Fetching and executing code from external sources (e.g., git::github.com/org/repo.git) presents a risk if the source is untrusted or compromised.
- [COMMAND_EXECUTION] (LOW): Executes shell commands via a taskrunner for infrastructure management. It includes logic for state manipulation and command-line operations. Risks are mitigated by instructions requiring explicit human approval for all 'apply' operations.
- [DATA_EXFILTRATION] (SAFE): Accesses sensitive local files such as cluster inventory, networking configurations, and talos/kubeconfig paths. No logic for transmitting this sensitive data to unauthorized external endpoints was detected.
- [PROMPT_INJECTION] (SAFE): No malicious instructions attempting to bypass safety filters or override agent behavior were found.
Audit Metadata