Skills
skills/mysticaltech/terraform-hcloud-kube-hetzner/test-changes/Gen Agent Trust Hub

test-changes

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands for infrastructure lifecycle management using terraform and version control operations via git.
  • [COMMAND_EXECUTION]: Invokes third-party CLI tools codex and gemini to perform automated analysis on local project files.
  • [DATA_EXFILTRATION]: Transmits local repository data and version control diffs to well-known external AI service providers for review purposes.
  • [PROMPT_INJECTION]: The skill processes untrusted input from local code files and git history, which is subsequently provided as context to other AI models, presenting an indirect prompt injection risk.
  • Ingestion points: git diff output and local Terraform configuration files (.tf) located in vendor-specific paths.
  • Boundary markers: Absent; code content is interpolated directly into command strings for AI tools without delimiters or instructions to ignore embedded commands.
  • Capability inventory: Full shell access to execute infrastructure-altering terraform commands and interaction with remote AI APIs.
  • Sanitization: No evidence of sanitization or filtering of the source code content before it is processed by the AI models.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 11:51 PM