terraform-style-guide
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- Infrastructure-as-Code Best Practices: The skill establishes clear structural and formatting guidelines for Terraform (HCL) configurations, aligning with industry-standard patterns for file organization and resource naming.
- Security-First Development Approach: It explicitly instructs the model to incorporate security hardening measures, including the principle of least privilege for network security groups and mandatory encryption for storage resources.
- Secure Secret Management: The instructions guide the proper use of the
sensitive = trueattribute for variables and outputs, which is a key security feature in Terraform to prevent the accidental exposure of credentials in logs or console output. - Trusted Documentation Integration: The guide links to official developer documentation from the platform provider, ensuring that the AI has access to authoritative and well-maintained reference material.
- Standard Validation Workflow: Recommends the use of industry-standard linting and security scanning tools, promoting a robust development lifecycle without executing unverified code.
Audit Metadata