auditing-terraform-infrastructure-for-security

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script 'scripts/agent.py' uses the 'subprocess.run' function to execute external security scanners including 'checkov' and 'tfsec'. These calls pass argument lists rather than shell strings and do not use 'shell=True', so the arguments are never interpreted by a shell, which prevents shell command injection.
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration were detected. The skill uses well-known, legitimate security tools for its stated purpose and follows development best practices for handling external command execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 12:27 PM