terraform-ansible

SUSPICIOUS. The core Terraform/Ansible capabilities match the stated IaC purpose, and most commands are normal documentation examples. Risk comes from the optional MCP integration using an unverified npx package with unclear publisher linkage, disabled SSH host key checking, and broad real-world infrastructure control. This looks like a legitimate but high-impact automation skill with meaningful supply-chain and execution-trust concerns rather than confirmed malware.