detecting-infrastructure-drift

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash tools scoped to terraform, aws, and gcloud commands to interact with infrastructure. It also references a local script, scripts/drift-check.sh, which automates plan and preview actions for IaC tools like Terraform and Pulumi.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process IaC configuration data from external files.
      • Ingestion points: Reads IaC configuration from {baseDir}/terraform or equivalent directories (SKILL.md).
      • Boundary markers: No specific instructions or delimiters are used to ensure the agent ignores potentially malicious instructions embedded within the processed configuration files.
      • Capability inventory: The skill is granted Write, Edit, and Bash execution capabilities (SKILL.md).
      • Sanitization: There is no documented mechanism for validating or sanitizing the content of the IaC files before the agent processes them.
  • [SAFE]: The skill's behavior is entirely aligned with its declared functionality. External links point to official documentation for well-known services (Terraform and AWS), and all operations occur within the expected scope of infrastructure management. No signs of exfiltration or malicious intent were found.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 11:50 AM