nuxt-terraform

Fail

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: HIGH
Categories: DATA_EXFILTRATION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXPOSURE]: The skill's core instructions in SKILL.md direct the AI agent to parse the user's sensitive local configuration files, specifically ~/.aws/credentials and ~/.aws/config, to facilitate AWS profile selection.
  • [CREDENTIALS_UNSAFE]: The s3_private_storage module includes configuration to create IAM users and generate long-lived access_key_id and secret_access_key as Terraform outputs. Generating long-lived credentials instead of using IAM roles is a significant security risk.
  • [CREDENTIALS_UNSAFE]: The project initialization templates (templates/init/envs/staging/outputs.tf.tpl) include sensitive outputs for AppSync API keys which will be stored in the Terraform state file.
  • [COMMAND_EXECUTION]: Several bundled scripts (tf-run.ts, tf-output.ts) execute system commands using spawnSync to run terraform init, plan, apply, and output operations.
  • [COMMAND_EXECUTION]: The tf-lambda-build.ts script programmatically invokes esbuild and the archiver library to compile and package Lambda functions from source code.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) as it ingests and processes data from external files to generate code.
      • Ingestion points: The skill reads schema.graphql, terraform-scaffold.config.ts, and local AWS configuration files.
      • Boundary markers: None are defined to separate untrusted data from generation instructions.
      • Capability inventory: The skill has the capability to execute subprocesses (terraform, aws, bun) and perform extensive file system write operations.
      • Sanitization: No sanitization or escaping is performed on the data interpolated into the generated code and Terraform templates.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 7, 2026, 06:18 AM