infra-terraform-security-scan

Community

Catch Terraform security risks before deploy.

Author: ivanshamaev
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

This Skill helps you prevent insecure Terraform infrastructure changes by finding common AWS/GCP/Azure misconfigurations and policy violations before they reach production.

Core Features & Use Cases

  • tfsec static analysis: Detects risky Terraform patterns such as missing encryption, overly broad access, and weak security group rules.
  • Checkov policy checks (750+ rules): Enforces CIS-aligned and best-practice security policies across major clouds.
  • CI/CD security gates: Produces SARIF output for the GitHub Security tab and supports fail/soft-fail behavior for PR workflows.

Use case: You open a PR that changes IAM, S3, and security group settings; use this Skill to scan the Terraform plan/code and ensure encryption, least privilege, logging, and public access restrictions meet compliance requirements.

Quick Start

Run tfsec and Checkov on your Terraform directory and upload the SARIF results to the GitHub Security tab for PR review.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below into Claude Code.

Please help me install this Skill:
Name: infra-terraform-security-scan
Download link: https://github.com/ivanshamaev/de-agent-skills/archive/main.zip#infra-terraform-security-scan

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.