volcengine-iac
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches Terraform providers for Volcengine from the official HashiCorp Terraform Registry (
registry.terraform.io). - [COMMAND_EXECUTION]: Executes shell scripts and Python utilities (
gen_tfvars.py,plan_summary.sh,export_outputs.sh,check_drift.sh) to orchestrate infrastructure deployment. - [COMMAND_EXECUTION]: Uses
local-execprovisioners in Terraform examples (e.g.,volcengine-vke-cr-nginx) to perform Docker operations such as login, pull, and push using provided credentials. - [DATA_EXFILTRATION]: No exfiltration patterns detected; the skill implements safety rules to prevent reading plaintext configuration files and ensures sensitive output files (e.g.,
iac-outputs.json) are created with restricted file permissions (0600). - [SAFE]: Included Base64 content in
vefaasexamples decodes to a benign Python "Hello World" function used for serverless verification.
Audit Metadata