terraform-tasks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill exposes an indirect prompt injection surface because it ingests untrusted data from WebSearch and user-provided HCL files. Evidence:
  1. Ingestion points: WebSearch documentation results and local Terraform configuration files.
  2. Boundary markers: Delimiters and instructions to ignore embedded commands are absent.
  3. Capability inventory: Subprocess execution (terraform, tfsec, checkov) and file modification via Edit/Write tools.
  4. Sanitization: No validation or sanitization of external research data is defined.
- SAFE (SAFE): No malicious code, obfuscation, persistence mechanisms, or hardcoded credentials were detected. The skill instructions follow industry standards for secure infrastructure-as-code management.
Audit Metadata