Skip to content
ai-supply.store
ExplorarCategoríasClasificacionesComunidadAgent APIFAQ
Iniciar sesiónRegístrate gratis
catalog / DevOps & Infra / Terraform MCP Server
◇MCP serverDevOps & InfraFree

Terraform MCP Server

MCP server for the Terraform Registry and HCP Terraform — providers, modules, and workspace automation.

@ai-supply
Instalaciones253
↗ Repositorio fuente
← More DevOps & InfraDevOps & Infra leaderboard →How we grade security →Source ↗

Terraform MCP Server

The Terraform MCP Server (by HashiCorp) is a Model Context Protocol server that integrates with the Terraform ecosystem to bring Infrastructure-as-Code automation to AI assistants.

It provides direct access to the public Terraform Registry APIs for providers, modules, and policies, and supports HCP Terraform / Terraform Enterprise for workspace management, organization and project listing, private registry access, and run management. Both stdio and streamable-HTTP transports are supported, with optional OpenTelemetry metrics.

It targets platform and DevOps engineers who want an agent that can look up registry information and manage Terraform workspaces.

Rating rank
#1
of 23 in DevOps & Infra
Install rank
#23
of 23 in DevOps & Infra
Security score
58/100 · D
review
Security rank
#4
of 23 in DevOps & Infra
Installs
253
cat avg 212k
This listing vs category average
Installs
this
cat avg
Security (of 100)
this
cat avg
Adoption trend
See the DevOps & Infra leaderboard →
! Security: Review · 5858/100 · grade Dscanned 3h ago
⚠ 1 compromise signal16 risk-surface · 5/20 OWASP controls flagged

Only compromise signals — malicious or tampered code (leaked secrets, backdoors, a dropped executable) — reduce the score. Dangerous-by-capability traits are risk surface, expected for some capabilities. Every finding is mapped to the OWASP control it belongs to below.

What this capability can do · low confidence (static)
egress → example.com,https, evil.com, any-site.com, registry.terraform.io, app.terraform.io, test.com, example.com,, attacker.example.com +7

Findings mapped to the OWASP Top 10 for LLM Applications (2025) and the OWASP Machine Learning Security Top 10. Expand any flagged control for the exact findings — compromise reduces the score; expected/risk-surface do not.

OWASP Top 10 for LLM Applications
⚠LLM02Sensitive Information Disclosurecompromise · high
Secrets, credentials or PII shipped inside the artifact.
•Embedded credentials — found: hardcoded credential · hashicorp-terraform-mcp-server-d020979/pkg/client/middleware_test.go (CWE-798)expected
•Embedded credentials — found: private key · hashicorp-terraform-mcp-server-d020979/pkg/client/tls_test.go (CWE-798)expected
•Verified secret leak (deep scan) — 1 leak(s): curl-auth-header (CWE-798)compromise
⚠LLM07System Prompt Leakagecompromise · high
Secrets, internal hosts or proprietary logic exposed in shipped prompts.
•Internal host / private infrastructure reference — shipped content references a private IP range or internal-only host · hashicorp-terraform-mcp-server-d020979/cmd/terraform-mcp-server/config_test.go (CWE-200)expected
•Embedded credentials — found: hardcoded credential · hashicorp-terraform-mcp-server-d020979/pkg/client/middleware_test.go (CWE-798)expected
•Embedded credentials — found: private key · hashicorp-terraform-mcp-server-d020979/pkg/client/tls_test.go (CWE-798)expected
•Verified secret leak (deep scan) — 1 leak(s): curl-auth-header (CWE-798)compromise
⚠LLM06Excessive Agencyhigh
Over-broad tool/permission surface or unrestricted egress.
•External endpoints declared — 1 distinct host(s) · hashicorp-terraform-mcp-server-d020979/.github/ISSUE_TEMPLATE/bug_report.mdexpected
•External endpoints declared — 2 distinct host(s) · hashicorp-terraform-mcp-server-d020979/.github/ISSUE_TEMPLATE/config.ymlexpected
•External endpoints declared — 4 distinct host(s) · hashicorp-terraform-mcp-server-d020979/.release/oss-release-metadata.hclexpected
•Broad capability surface — 3 high-impact capability categories referenced — verify least-privilege · hashicorp-terraform-mcp-server-d020979/README.md (CWE-272)risk surface
•External endpoints declared — 19 distinct host(s) · hashicorp-terraform-mcp-server-d020979/README.mdexpected
•Egress to a private/loopback host — 127.0.0.1, [::1] · hashicorp-terraform-mcp-server-d020979/e2e/cors_e2e_test.go (CWE-918)expected
•External endpoints declared — 7 distinct host(s) · hashicorp-terraform-mcp-server-d020979/e2e/cors_e2e_test.goexpected
•External endpoints declared — 3 distinct host(s) · hashicorp-terraform-mcp-server-d020979/pkg/client/middleware.goexpected
•External endpoints declared — 15 distinct host(s) · hashicorp-terraform-mcp-server-d020979/pkg/client/middleware_test.goexpected
⚠LLM05Improper Output Handlingmedium
Code that pipes model/user output into shell, eval, SQL or paths unsafely.
•Path traversal sequences — '../' present in content or name · hashicorp-terraform-mcp-server-d020979/instructions/example-AGENTS.md (CWE-22)expected
§LLM09MisinformationGovernance
Artifacts designed to produce false/deceptive output.
Detectable only by runtime behavioral evaluation; addressed via responsible-use attestation.
◷LLM10Unbounded ConsumptionRuntime-enforced
Unbounded loops/recursion causing DoS or runaway cost.
Enforced at runtime by the gateway (rate limits + spend caps + size caps); static check flags unbounded loops.
✓LLM01Prompt InjectionPassed
✓LLM03Supply ChainPassed
✓LLM04Data and Model PoisoningPassed
Backdoors/poisoning in training data or serialized models.
Behavioral poisoning needs model execution; static check covers unsafe serialization + dataset skew only.
✓LLM08Vector and Embedding WeaknessesPassed
PII or plaintext source leakage in embedding/vector exports.
Embedding inversion/poisoning is largely runtime; static check covers PII in vector exports.
OWASP Machine Learning Security Top 10
⚠ML09Output Integritymedium
Middleware tampering with model outputs in transit.
Gateway enforces TLS + response integrity; static check flags output-rewriting code.
•Path traversal sequences — '../' present in content or name · hashicorp-terraform-mcp-server-d020979/instructions/example-AGENTS.md (CWE-22)expected
§ML01Input Manipulation (Adversarial)Governance
Models vulnerable to adversarial perturbations.
Requires runtime robustness evaluation; addressed via publisher robustness attestation.
§ML03Model InversionGovernance
Training data reconstructable from a model's outputs.
Runtime/evaluation property; addressed via model-card data-provenance + DP attestation.
§ML04Membership InferenceGovernance
Determining whether a record was in the training set.
Runtime/evaluation property; addressed via overfitting disclosure + DP attestation.
§ML08Model SkewingGovernance
Models trained on skewed data producing biased output.
Requires fairness evaluation; addressed via model-card bias/limitations disclosure.
✓ML02Data PoisoningPassed
Poisoned training datasets with triggers or anomalous distributions.
Static check covers trigger phrasing, PII and label skew; full poisoning detection is runtime.
✓ML05Model TheftPassed
Unlicensed re-distribution / license-incompatible derivatives.
Static check verifies license declaration; extraction throttling is runtime.
✓ML06AI Supply ChainPassed
✓ML07Transfer Learning AttackPassed
Backdoored base models / LoRA adapters propagating to derivatives.
Backdoor detection needs behavioral probing; static check covers unsafe serialization + provenance.
✓ML10Model Poisoning (Weights)Passed
Tampered model weight files; integrity must be verifiable.
Static check enforces safe formats + records a content hash for downstream verification.
Other findings (9) · hygiene / uncategorized
•Unrecognized file type — '.hcl' is not on the allowlist · hashicorp-terraform-mcp-server-d020979/.copywrite.hclrisk surface
•Unrecognized file type — '.gitignore' is not on the allowlist · hashicorp-terraform-mcp-server-d020979/.gitignorerisk surface
•Unrecognized file type — '.go-version' is not on the allowlist · hashicorp-terraform-mcp-server-d020979/.go-versionrisk surface
•Unrecognized file type — '.?' is not on the allowlist · hashicorp-terraform-mcp-server-d020979/CODEOWNERSrisk surface
•Suspicious network references — raw IP URL (15 URLs) · hashicorp-terraform-mcp-server-d020979/e2e/cors_e2e_test.goexpected
•Unrecognized file type — '.mod' is not on the allowlist · hashicorp-terraform-mcp-server-d020979/go.modrisk surface
•Unrecognized file type — '.sum' is not on the allowlist · hashicorp-terraform-mcp-server-d020979/go.sumrisk surface
•Suspicious network references — raw IP URL (6 URLs) · hashicorp-terraform-mcp-server-d020979/pkg/client/middleware.goexpected
•Suspicious network references — raw IP URL (67 URLs) · hashicorp-terraform-mcp-server-d020979/pkg/client/middleware_test.goexpected
✔ verified source · pinned hashicorp-terraform-mcp-server-d020979
Check against a policy

The same gate an agent runs before installing (POST /api/v1/trust/terraform-mcp-server/check). Click a policy:

Consume Terraform MCP Server programmatically. Authenticate with an API key or session — see Authorize an agent.

# Agents: CHECK BEFORE YOU INSTALL (no auth) — score, grade, level, capability manifest
curl https://ai-supply.store/api/v1/trust/terraform-mcp-server

# Gate against your org policy (returns { pass, violations })
curl -X POST https://ai-supply.store/api/v1/trust/terraform-mcp-server/check \
  -H "Content-Type: application/json" \
  -d '{"minGrade":"B","denyPermissions":["shell"],"denyUnknownEgress":true}'

# CLI
npx ai-supply add terraform-mcp-server

# REST (install → download)
curl -X POST https://ai-supply.store/api/v1/listings/terraform-mcp-server/install \
  -H "Authorization: Bearer $AIM_KEY"

# MCP tool
install_listing({ "slug": "terraform-mcp-server" })
OpenAPI spec →
vlatest
! Security: Review · 584h ago

Curated mirror — latest upstream source. See the repository for tagged releases.

Sign in and install this listing to leave a review.

More from @ai-supply

View profile →
◉Agent
MetaGPT
Multi-agent framework that assigns GPT roles (PM, engineer, QA) to solve complex software tasks end-to-end.
↓ 1.0M
⇄Connector
vLLM
High-throughput, memory-efficient LLM inference engine with PagedAttention and continuous batching.
↓ 892k
⇄Connector
Meilisearch
Lightning-fast open-source search engine with typo-tolerance, semantic hybrid search, and sub-50ms response times.
↓ 811k
△Eval
Weights & Biases (wandb)
ML experiment tracking and visualization — log metrics, hyperparameters, models, and media in real time.
↓ 784k
ai-supply.store

Capacidades de IA gratuitas y verificadas en seguridad: skills, MCPs, plugins, agents, datasets y mucho más, cada una con su puntuación y control de actualidad, pensadas por igual para personas y agents.

api · v3.1status · all green
Contacto
support@ai-supply.storesecurity@ai-supply.store
Catálogo
  • Explorar
  • Categorías
  • Clasificaciones
  • Benchmarks
  • Seguridad
Comunidad
  • Comunidad
  • FAQ
Para agentes
  • Inicio rápido (60s)
  • Autorizar un agente
  • Agent API
  • Especificación OpenAPI
Para desarrolladores
  • Publicar
  • Panel
Cuenta
  • Crear cuenta
  • Iniciar sesión
  • Configuración
Legal
  • Términos
  • Acuerdo de editor
  • Uso aceptable
  • Privacidad