terraform-engineer

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-provided Terraform requirements and existing infrastructure code as part of its core workflow. This creates a surface for indirect prompt injection where malicious instructions could be embedded in the code comments or metadata of files being reviewed by the agent.
      • Ingestion points: Reads local Terraform files (.tf, .tfvars) and requirements documentation.
      • Boundary markers: None explicitly defined in the instructions.
      • Capability inventory: Executes terraform operations (plan, apply, import, state management) across AWS, Azure, and GCP providers.
      • Sanitization: No validation or sanitization of external HCL content before processing.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a variety of shell commands and specialized CLI tools including terraform, tflint, opa, conftest, and pre-commit for the purpose of infrastructure automation and testing.
  • [EXTERNAL_DOWNLOADS]: Fetches and uses various external dependencies from well-known technology providers and official repositories:
      • Downloads Terraform providers from the official HashiCorp registry.
      • References Go-based testing frameworks like terratest and testify from Gruntwork's GitHub repository.
      • Utilizes GitHub Actions for CI/CD workflows from HashiCorp, Bridgecrew, and the Terraform Linters organization.
      • References official Helm charts for Kubernetes deployments.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 24, 2026, 01:36 AM