gcp-terraform-cicd

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various CLI commands for infrastructure management and validation.
      • The agent is expected to run terraform init, validate, plan, and apply to manage resources. Additional tools such as tflint, checkov, trivy, and terrascan are used for static analysis.
      • Security control: The skill explicitly mandates manual confirmation from the user before executing terraform apply to prevent accidental production impact.
      • References: SKILL.md (section 'Execution Protocol'), references/troubleshooting-gcp.md.
  • [SAFE]: No malicious patterns such as credential exfiltration, persistence mechanisms, or unauthorized remote code execution were detected.
      • The skill promotes industry-standard security patterns for GCP, including the use of a GCS backend for state and Workload Identity to avoid static service account keys.
      • It proactively bans authoritative IAM resources (google_project_iam_policy) that are common causes of accidental lockouts.
  • [INDIRECT_PROMPT_INJECTION]: The skill contains surfaces for processing untrusted data.
      • Ingestion points: The agent reads local Terraform HCL files and templates (main.tf, .tftpl).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands in HCL comments are provided.
      • Capability inventory: Shell execution via terraform and jq CLI tools.
      • Sanitization: No explicit sanitization or filtering of external HCL content before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 04:30 PM