alibabacloud-terraform-code-generation
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill implements robust security measures, including an explicit hard rule that forbids reading, writing, or asking for authentication credentials (AK/SK).
- [COMMAND_EXECUTION]: The skill uses local shell commands (
grep,awk,mkdir,ls) and theterraformCLI (fmt,init,validate) to manage infrastructure files and verify the validity of generated HCL code. These operations are limited to the project's target directory and are integral to the skill's primary purpose. - [EXTERNAL_DOWNLOADS]: The skill retrieves infrastructure documentation and provider versions from official Alibaba Cloud sources, such as their GitHub repository and the public Terraform Registry. These are trusted sources relevant to generating accurate Alibaba Cloud resource configurations.
- [REMOTE_CODE_EXECUTION]: Python scripts provided for maintenance (
scripts/build_alicloud_providers.py,scripts/build_deprecated_fields.py) usegitto clone or update the official Alibaba Cloud Terraform provider repository. These scripts operate on the vendor's official source code to maintain up-to-date catalog and deprecation data.
Audit Metadata