descope-terraform
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Detailed inspection of the skill files confirms they consist of documentation and Terraform configuration templates for identity management without any malicious intent or hidden code.
- [CREDENTIALS_UNSAFE]: The documentation includes security advisories against hardcoding management keys and sensitive variables, correctly identifying these as sensitive information to be managed via environment variables or protected configuration.
- [EXTERNAL_DOWNLOADS]: The skill references the official Descope Terraform provider from the public registry and provides configuration examples for standard connectors to well-known services such as AWS, Datadog, and Slack.
- [COMMAND_EXECUTION]: The instructions guide users to perform standard Terraform operations for resource management, which are routine and expected for an infrastructure-as-code skill.
- [DATA_EXFILTRATION]: No patterns of unauthorized data harvesting or exfiltration were identified; network operations are limited to the intended management of infrastructure resources through the Terraform provider.
Audit Metadata