iac-scan-tfsec
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Command Execution] (HIGH): The skill instructs the agent to execute shell commands (e.g.,
tfsec <terraform-dir>) using a directory path that may be supplied by an untrusted source. If the directory name or path contains shell metacharacters (e.g.,;,&&,|), it could lead to arbitrary command execution on the host system. - [External Downloads] (MEDIUM): The prerequisite section suggests installing software from
github.com/aquasecurity/tfsec. Per the [TRUST-SCOPE-RULE], Aqua Security is not a listed Trusted Organization, making this an unverifiable external dependency. - [Indirect Prompt Injection] (HIGH): The skill possesses a significant attack surface for indirect injection as it processes untrusted HCL data.
- Ingestion points: Terraform files and directory structures provided by users or external repositories.
- Boundary markers: Absent; there are no delimiters or specific instructions to the agent to disregard instructions embedded within the scanned code.
- Capability inventory: Execution of shell commands via
tfsecandtrivyand automated parsing of JSON output into a markdown table. - Sanitization: Absent; the skill does not specify any validation or escaping for the directory path or the content of the files being scanned.
Recommendations
- AI detected serious security threats
Audit Metadata