Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Terraform Ai Skills

v0.0.2

Use when bulk-managing Terraform modules at scale — upgrading providers across AWS, GCP, Azure, or DigitalOcean repositories, standardizing GitHub Actions wo...

0 · 328 · 0 current · 0 all-time
by Anmol Nagpal (@anmolnagpal)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (bulk Terraform module management, provider upgrades, workflow standardization, releases, validation) match the actual contents: bash scripts, config files, prompts, and docs. Declared required binaries (terraform, git, bash) and optional tools (gh, tfsec, tflint, trivy, checkov) are appropriate for the stated tasks.
Instruction Scope
SKILL.md and CLAUDE.md instruct the agent to run shipped scripts (run-with-provider.sh, scripts/*.sh) that clone, modify, and push changes across many repositories and optionally create GitHub releases. This is within the stated purpose, but these instructions imply broad filesystem and network activity and the ability to make destructive changes at scale — the docs explicitly recommend testing on one repo first and include safety/rollback guidance, which is good practice.
Install Mechanism
No install spec is provided (instruction-only), so nothing will be downloaded automatically. Code files are included in the skill and are intended to be executed locally; there are no third-party download URLs or extracted archives in the package that would raise additional supply-chain concerns.
Credentials
The skill manifest lists no required env vars or primary credential, but the scripts and documentation clearly expect certain environment variables and credentials at runtime (e.g., GH CLI usage, GitHub token permissions for commits/releases, CREATE_PR, ORG_NAME, SLACK_WEBHOOK_URL for optional notifications, and other runtime variables in docs/ENV-VARS.md). The absence of an explicit requires.env entry is an omission in the manifest (not necessarily malicious) — users must supply appropriate tokens with least privilege when running the skill.
Persistence & Privilege
The skill does not request always:true and claw.json lists only filesystem and network permissions, which are coherent with its purpose (cloning repos, modifying files, pushing changes, calling GH). It does not attempt to modify other skills or system-wide settings. Because the skill executes shell scripts, it will run with the invoking user's privileges — follow safe practice and test first.
Assessment
This skill appears to do what it claims, but it executes shell scripts that clone, modify, and push to many repositories — potentially at scale. Before installing or running:
1) Review the scripts (scripts/*.sh and run-with-provider.sh) line-by-line in a safe environment.
2) Test on a single non-production repository (the README and SKILL.md explicitly advise this).
3) Provide GitHub credentials with the minimum necessary scopes (use a fine-grained token or repository-scoped PAT; the docs recommend contents:write, workflows:write, pull-requests:write only if needed).
4) Use DRY_RUN or create PRs (CREATE_PR=true) rather than direct commits while validating behavior.
5) Avoid exposing other secrets in config files; use GitHub secrets when integration is required.
6) Rotate and limit tokens after use and keep audit logs of operations.
If you need higher assurance, have a trusted engineer audit the scripts for any unexpected network calls or external endpoints before running at scale.

latest: vk97evcybmdx2nnde50ymmwp5mn8226ab


Runtime requirements

OS: Linux · macOS
Bins: terraform, git, bash