The Agent Skills Directory

[SAFE]: Detailed technical review of the skill's instructions, code examples, and reference material confirms that it is designed for legitimate infrastructure management. It includes proactive security measures like secret management guidance and policy-as-code patterns.
[EXTERNAL_DOWNLOADS]: The skill facilitates the download of Terraform providers and infrastructure modules from the official HashiCorp Registry and trusted GitHub organizations (e.g., terraform-aws-modules). These operations are essential for the skill's functionality and target well-known, reputable services.
[COMMAND_EXECUTION]: The skill instructions utilize the Bash tool to run standard Terraform lifecycle commands (init, plan, apply, destroy). These operations are consistent with the skill's purpose and are documented with appropriate safety warnings (e.g., verifying plans before application).
[DATA_EXFILTRATION]: While the skill mentions the terraform state pull command, it is documented neutrally as a method for state management and backup. No evidence of unauthorized data transfer to non-whitelisted or suspicious external domains was found.

infrastructure-terraform