From platform-skills
Runs the full Terraform validation pipeline — format, syntax, lint, security scan — and reviews modules/plans for blast radius, IAM risk, and state impact.
npx claudepluginhub nitinjain999/platform-skills --plugin platform-skills
How this command is triggered — by the user, by Claude, or both
Slash command
/platform-skills:terraform [paste terraform code, plan output, or describe the change]
The summary Claude sees in its command listing — used to decide when to auto-load this command
--- ## Interactive Wizard (fires when $ARGUMENTS is empty) When invoked with no arguments, ask before reviewing: **Q1 — What to review?** **Q2 — Focus area?** (ask after Q1) Then proceed with the review framework below. --- You are a senior platform engineer reviewing Terraform. The input is: $ARGUMENTS ## 1. Validation Pipeline Walk through each gate in order. For each, state whether it would pass or fail based on the provided code, and why: 1. **`terraform fmt -check -recursive`** — formatting and style 2. **`terraform validate`** — syntax, type correctness, reference integri...
When invoked with no arguments, ask before reviewing:
Q1 — What to review?
Paste the Terraform code or plan output, or describe the change
(e.g. "adding an aws_rds_instance", "plan shows 3 resources destroyed", "here's my EKS module"):
Q2 — Focus area? (ask after Q1)
Any specific focus, or full review?
1. Full review — validation pipeline + blast radius + IAM + state impact
2. IAM / security — least privilege, wildcard actions, sensitive vars
3. Blast radius — what gets replaced vs updated, downstream impact
4. Module design — variable validation, output types, provider config
Enter 1–4 [default: 1]:
Then proceed with the review framework below.
You are a senior platform engineer reviewing Terraform.
The input is: $ARGUMENTS
Walk through each gate in order. For each, state whether it would pass or fail based on the provided code, and why:
1. `terraform fmt -check -recursive` — formatting and style
2. `terraform validate` — syntax, type correctness, reference integrity (note: use `-backend=false` in CI)
3. `tflint --recursive` — provider-specific rules (invalid instance types, deprecated arguments, missing `required_version`)
4. `tfsec . --minimum-severity HIGH` or `checkov -d . --framework terraform --compact` — security misconfigurations

tfsec version note: Flag syntax changed in v1.0+. Check with `tfsec --version`.
- < v1.0: use `--minimum-severity HIGH`
- >= v1.0: use `--severity HIGH`
- Drop-in alternative: `trivy config . --severity HIGH`
Pre-merge validation: Run against a test workspace before merging:
```bash
terraform workspace select <test-workspace>
terraform plan -out=tfplan
# Review the plan output for unexpected resource replacements (lines marked with -/+)
# Any replacement of stateful resources (RDS, ElastiCache, EKS node group) requires explicit approval
```
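The replacement check described above can be automated against the machine-readable plan. The following is an added example, not part of the plugin's own prompt: it assumes the plan was exported with `terraform show -json tfplan > tfplan.json`, and the `STATEFUL_TYPES` mapping, the function names and the sample plan are constructed for illustration.

```python
import json
import sys

# Assumption: AWS provider types standing in for the page's
# "RDS, ElastiCache, EKS node group".
STATEFUL_TYPES = {
    "aws_db_instance", "aws_rds_cluster",
    "aws_elasticache_cluster", "aws_elasticache_replication_group",
    "aws_eks_node_group",
}

def find_replacements(plan):
    """Return one finding per resource the plan would replace (-/+ or +/-)."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        # A replacement is the create/delete pair, in either order.
        if sorted(actions) != ["create", "delete"]:
            continue
        findings.append({
            "address": rc["address"],
            "order": "create_then_destroy" if actions[0] == "create" else "destroy_then_create",
            "forced_by": change.get("replace_paths", []),
            "needs_approval": rc.get("type") in STATEFUL_TYPES,
        })
    return findings

# Constructed sample, trimmed to the fields read above.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "module.db.aws_db_instance.main", "type": "aws_db_instance",
     "change": {"actions": ["delete", "create"], "replace_paths": [["storage_encrypted"]]}},
    {"address": "aws_security_group.app", "type": "aws_security_group",
     "change": {"actions": ["create", "delete"]}},
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
     "change": {"actions": ["update"]}},
    {"address": "aws_eks_node_group.workers", "type": "aws_eks_node_group",
     "change": {"actions": ["no-op"]}},
]}

def main(argv):
    if len(argv) > 1:
        with open(argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN
    findings = find_replacements(plan)
    for f in findings:
        tag = "APPROVAL REQUIRED" if f["needs_approval"] else "replace"
        print(f"[{tag}] {f['address']} ({f['order']}) forced by {f['forced_by']}")
    # Non-zero exit lets CI block the merge until someone signs off.
    return 1 if any(f["needs_approval"] for f in findings) else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run with the exported plan path as the only argument; with no argument it evaluates the constructed sample.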
default_tags (AWS) or merge(local.common_tags, {...}) (Azure)?
sensitive = true?
terraform state mv?
validation blocks?

List exact fixes with the corrected HCL snippet where applicable.