terraform-infrastructure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes Terraform data and module sources that fetch public third‑party content at runtime—e.g., data "http" "ip" (https://ifconfig.me) and remote modules from GitHub and the Terraform Registry—which Terraform (and thus the agent executing or interpreting its outputs) would download and process, exposing it to untrusted external content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes remote Terraform module sources that are fetched at runtime and executed as configuration (e.g. git::https://github.com/organization/terraform-modules.git//vpc?ref=v1.2.0 and github.com/hashicorp/consul//terraform/aws), which means external code would be downloaded during terraform init and run by Terraform.