Terraform Security Audit

Skill Verified Active

Security audit for Terraform codebases covering IAM, networking, encryption, secrets, access control, and compliance. Use before prod deploys, periodic audits, or new service security review.

Purpose

To ensure Terraform infrastructure code is secure and compliant by performing a thorough, multi-area security audit before production deployments.

Features

  • Automated security checks for IAM, network, encryption, secrets, access, and compliance.
  • Identifies critical vulnerabilities like IAM wildcards, public access, and unencrypted data.
  • Provides specific remediation code examples for each identified issue.
  • Scans all .tf files within a codebase.

Use cases

  • Conducting security reviews before deploying Terraform code to production.
  • Performing periodic security audits of existing Terraform infrastructure.
  • Validating security configurations for new services managed by Terraform.
  • Hardening infrastructure security after an incident.

Non-goals

  • Executing or applying Terraform code.
  • Fixing non-security related Terraform issues.
  • Auditing code written in languages other than Terraform.

Installation

npx skills add spartan-stratos/spartan-ai-toolkit

Runs the Vercel skills CLI (skills.sh) via npx; requires a local Node.js installation and at least one skills-compatible agent (Claude Code, Cursor, Codex, etc.). Assumes the repository follows the agentskills.io format.

Quality score

Verified
99/100
Analyzed 1 day ago

Trust signals

Last commit: 4 days ago
Stars: 68

Similar extensions

Ship Gate

100

Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.

Skill
alirezarezvani

Provision Infrastructure Terraform

99

Provision and manage cloud infrastructure using Terraform with HCL modules, remote state backends, workspaces, and plan/apply workflow. Implement infrastructure as code patterns with variable management, output values, and state locking for team collaboration. Use when provisioning new cloud infrastructure, migrating from ClickOps or CloudFormation to declarative IaC, managing multi-environment infrastructure, versioning infrastructure changes alongside application code, or enforcing standards through reusable modules.

Skill
pjt222

Terraform Engineer

99

Use when implementing infrastructure as code with Terraform across AWS, Azure, or GCP. Invoke for module development (create reusable modules, manage module versioning), state management (migrate backends, import existing resources, resolve state conflicts), provider configuration, multi-environment workflows, and infrastructure testing.

Skill
jeffallan

Import Infrastructure as Code

99

Import existing Azure resources into Terraform using Azure CLI discovery and Azure Verified Modules (AVM). Use when asked to reverse-engineer live Azure infrastructure, generate Infrastructure as Code from existing subscriptions/resource groups/resource IDs, map dependencies, derive exact import addresses from downloaded module source, prevent configuration drift, and produce AVM-based Terraform files ready for validation and planning across any Azure resource type.

Skill
github

Terraform

99

Terraform infrastructure-as-code workflow patterns: state and environments, module design, safe plan/apply, drift control, and CI guardrails

Skill
bobmatnyc

Terraform Patterns

99

Terraform infrastructure-as-code agent skill and plugin for Claude Code, Codex, Gemini CLI, Cursor, OpenClaw. Covers module design patterns, state management strategies, provider configuration, security hardening, policy-as-code with Sentinel/OPA, and CI/CD plan/apply workflows. Use when: user wants to design Terraform modules, manage state backends, review Terraform security, implement multi-region deployments, or follow IaC best practices.

Skill
alirezarezvani