Back to skill

Security audit

Infrastructure as Code

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only infrastructure-as-code skill with powerful but expected cloud management examples.

Install only if you want IaC reference guidance. Before running any apply, update, delete, or destroy command from the examples, confirm the cloud account, region, workspace or stack, target environment, plan or change-set output, and backup or recovery posture. Do not store secrets in IaC files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents `terraform destroy` directly in the core workflow alongside safe commands without an immediate, explicit warning that it will tear down all managed infrastructure. In an IaC skill, users may copy-paste quick-start commands, so presenting a destructive command as a routine step increases the chance of accidental deletion of live resources and outage-causing mistakes.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The CloudFormation example shows `aws cloudformation delete-stack --stack-name myapp-dev` without warning that it can remove active infrastructure and dependent resources. Because this appears in a command reference section, an operator could run it against the wrong stack or environment and cause service disruption or permanent data loss if protections are not in place.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The Pulumi quick start includes `pulumi destroy` as a normal workflow item without a nearby warning that it deletes all resources in the selected stack. Given the skill's purpose is operational infrastructure management, users may execute commands quickly in the wrong stack, leading to accidental teardown of real environments.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.