terraform-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a template for infrastructure-as-code assistance, promoting security-conscious patterns such as least privilege, version pinning, and resource lifecycle protection.
- [EXTERNAL_DOWNLOADS]: The provided CI/CD pipeline configuration (GitHub Actions) references official, well-known actions from the
actionsandhashicorporganizations. These are recognized as trusted sources for infrastructure automation. - [COMMAND_EXECUTION]: The skill documents standard Terraform CLI commands required for its intended purpose, such as
terraform init,plan,apply, andstate. These are appropriately scoped to the 'Terraform Specialist' role. - [INDIRECT_PROMPT_INJECTION]: The skill defines an attack surface by processing user-provided infrastructure requirements to generate code. However, it mitigates risk by explicitly advocating for human-in-the-loop review ('Plan before apply') and the use of
deletion_protectionon critical resources. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. The skill correctly identifies hardcoding values as an anti-pattern and recommends the use of variables and remote state backends.
Audit Metadata