The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/init-terraform.sh utilizes unquoted shell heredocs to generate Terraform variables, which can allow for HCL injection if variables like PROJECT_ID are sourced from untrusted inputs.
[COMMAND_EXECUTION]: The skill uses Bash to execute terraform and gcloud commands for provisioning and validating cloud infrastructure.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of local project files. 1. Ingestion points: Read, Grep, and Glob tools are used to inspect existing Terraform files. 2. Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions. 3. Capability inventory: High-privilege shell execution via Bash. 4. Sanitization: No evidence of validation or sanitization of ingested content.
[EXTERNAL_DOWNLOADS]: The skill fetches official Terraform providers from HashiCorp's registry.
[EXTERNAL_DOWNLOADS]: The skill references documentation and vendor resources from the author's official domains: tonsofskills.com, intentsolutions.io, and jeremylongshore.com.
[CREDENTIALS_UNSAFE]: Troubleshooting guidance in references/errors.md suggests granting the roles/owner role to a service account, which violates the principle of least privilege.

adk-infra-expert