infrastructure
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions to bypass safety filters or override the agent's core programming.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or secrets were found. The skill explicitly advises users: 'Never store secrets in code.'
- [Obfuscation] (SAFE): No Base64, zero-width characters, or other hidden content patterns were detected.
- [Command Execution] (SAFE): The skill references standard Terraform CLI commands (
init,plan,apply,destroy). These are appropriate for the skill's stated purpose of managing infrastructure. - [External Downloads] (SAFE): Referenced Terraform providers (e.g.,
hashicorp/aws) are industry-standard dependencies from a reputable source. - [Indirect Prompt Injection] (LOW): While the skill processes infrastructure code which could theoretically contain malicious instructions if provided by an untrusted user, the skill itself does not facilitate exploitation and emphasizes secure patterns like encryption and remote state management.
Audit Metadata