terraform-cli-setup
Warn
Audited by Snyk on May 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly runs terraform init and auto-downloads providers and remote modules (SKILL.md “terraform init → install Provider plugins / download modules”), and the installer script fetches releases/checkpoint data from public URLs (releases.hashicorp.com, checkpoint-api.hashicorp.com), so it ingests open/public, potentially user-contributed module/provider content that can materially affect CLI behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The included setup script and shell install steps download and install executable Terraform binaries at runtime from https://releases.hashicorp.com/terraform (e.g. https://releases.hashicorp.com/terraform/{version}/terraform_{version}_{os}_{arch}.zip), which fetches remote executable code that the skill relies on and may install/execute locally.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill directs the agent to automatically install system packages and modify system-level files (using sudo apt/yum and writing to system paths like /usr/share/keyrings and /etc/apt/..., plus running terraform init that alters workspace state) without user confirmation, which requires elevated privileges and changes the machine state.
Issues (3)
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- MEDIUM W013: Attempt to modify system services in skill instructions.