adk-infra-expert
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a bash script (
scripts/init-terraform.sh) to generate local Terraform configuration files. This is a standard initialization task for infrastructure-as-code and does not involve executing arbitrary or untrusted commands. - [EXTERNAL_DOWNLOADS]: The skill references official and well-known documentation from Google Cloud and the HashiCorp Terraform registry. These are trusted sources used for configuration and documentation purposes.
- [PROMPT_INJECTION]: The instructions in
SKILL.mdare focused on infrastructure provisioning and do not contain any patterns designed to bypass AI safety filters or override system instructions. - [DATA_EXFILTRATION]: No patterns of sensitive data access (such as credentials or SSH keys) combined with external network requests were found. The script generates local files based on user-provided variables like project ID.
- [INDIRECT_PROMPT_INJECTION]: The skill has a low surface for indirect injection as it primarily generates structured code (Terraform) and reads from its own reference files. It does not ingest untrusted third-party data at runtime.
Audit Metadata