terraform-best-practices
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill exclusively consists of educational documentation and configuration examples (HCL, YAML, Go, Rego) aimed at teaching production-grade Terraform patterns.
- [EXTERNAL_DOWNLOADS]: The documentation references well-known infrastructure tools and security scanners such as tfsec (Aqua Security), Checkov (Prisma Cloud), Terragrunt, and Terratest. It also mentions a popular community pre-commit hook repository (antonbabenko/pre-commit-terraform). These references are standard for DevOps workflows and point to established, reputable sources.
- [COMMAND_EXECUTION]: The workflow sections provide descriptive command-line examples for common infrastructure operations (e.g.,
terraform init,terraform plan,checkov -d .). These commands are intended for manual execution by the user and do not perform any hidden or unauthorized actions. - [CREDENTIALS_UNSAFE]: The skill actively promotes security best practices by instructing users to avoid hardcoding secrets and instead utilize dedicated services like AWS Secrets Manager or HashiCorp Vault.
Audit Metadata