By infraspecdev
Infrastructure review agents for Atmos component repositories: security, architecture, operations, cost optimization, AWS Well-Architected Framework reviews, and terraform plan analysis
npx claudepluginhub infraspecdev/tesseract --plugin infra-review
Analyze a Terraform plan for security, cost, and destructive action impact before applying
Run a CI/CD workflow audit of the repository's GitHub Actions (versions, permissions, concurrency, path filters)
Run a comprehensive 4-perspective review of the current Terraform component (security, architecture, operations, cost)
Run a cost optimization review of the current Terraform component (NAT patterns, right-sizing, environment recommendations)
Run a quick Atmos component hygiene check (conventions, file layout, baseline variables)
Use this agent to review Terraform component structure, naming conventions, DRY patterns, Atmos integration, AWS service topology correctness, and variable/output interface design. Dispatch when creating or restructuring components.
Use this agent to review Terraform components for cost optimization: NAT gateway patterns, right-sized subnets, expensive resource toggles, and environment-specific variable recommendations. Dispatch when reviewing VPC, compute, or storage components.
Use this agent to review Terraform components for operational readiness: monitoring, logging, tagging, blast radius, and day-2 operations. Dispatch when evaluating production readiness.
Use this agent to review Terraform components for security issues: IAM over-permissioning, missing encryption, network exposure, and Checkov policy alignment. Dispatch when editing IAM policies, security groups, NACLs, or any resource with a policy argument.
Use this agent for a holistic infrastructure review using the AWS Well-Architected Framework across all 6 pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. Dispatch for architecture decision reviews, production readiness gates, or when evaluating overall infrastructure quality against AWS best practices.
Use when reviewing Terraform test files (.tftest.hcl), assessing test coverage, or designing new tests for components using mock_provider and plan-only assertions
Use when adding, modifying, or reviewing Terraform components in an Atmos components repository - checks for common mistakes like committed provider.tf, missing terraform-docs, broken linting config, or missing baseline variables
Use when reviewing Atmos infrastructure repositories, evaluating IaC structure, or assessing components/stacks organization for quality and best practices
Use when reviewing, auditing, or improving GitHub Actions workflows in a repository — checks for version drift, permission issues, missing concurrency controls, path filter gaps, and cross-workflow inconsistencies
Use when reviewing Terraform components for AWS cost optimization, right-sizing, or identifying unnecessary expensive resources like NAT gateways or over-provisioned subnets
Modifies files
Hook triggers on file write and edit operations
Uses power tools
Uses Bash, Write, or Edit tools
DevOps skills for Claude Code: Terraform/OpenTofu workflows, AWS infrastructure management, safety-first IaC practices, and parallel agent orchestration
Terraform and Terraform Cloud - infrastructure as code
Security review and vulnerability analysis skill based on the OWASP Top 10 2025
Terraform module creation and infrastructure planning
Research-backed, opinionated guidance for building cloud infrastructure that doesn't rot — multi-account governance, naming conventions, IaC organization, security, deployment pipelines, and operational hygiene, distilled from production experience across multiple cloud migrations
Terraform configuration validation and infrastructure-as-code best practices
Unified SDLC plugin — research, planning, PM integration, implementation, and continuous review with multi-domain support and specialist agents.
General-purpose development workflow skills: structured research with citations, TDD-based feature implementation with progress tracking, and infrastructure planning document generation (ADR + detailed execution plans)
Sprint planning tools for ClickUp — bulk operations, relationship fields, plan doc sync, and action logging.
No model invocation
Executes directly as bash, bypassing the AI model
A Claude Code plugin marketplace.
In the Marvel universe, the Tesseract was a crystalline container that held the Space Stone — one of the six Infinity Stones, each holding power over a fundamental aspect of existence. Whoever possessed the Tesseract didn't just hold an object; they held the potential to reshape reality itself.
This Tesseract holds something similar. Not Infinity Stones, but plugins — each one a concentrated capability that transforms how you build software. The container is simple. What it holds is powerful.
| Plugin | What It Does |
|---|---|
| Shield | A unified software development lifecycle plugin — research, planning, project management integration, implementation, and continuous code review with specialist agents |
The following plugins have been consolidated into Shield and are no longer maintained as separate plugins:
| Plugin | Replaced By |
|---|---|
| infra-review | Shield's domain-specific review skills (terraform/, atmos/, github-actions/) and multi-mode reviewer agents |
| clickup-sprint-planner | Shield's PM adapter system (/pm-sync, /pm-status) with the ClickUp adapter at shield/adapters/clickup/ |
| dev-workflow | Shield's general skills (/research, /implement, /plan) and superpowers integration |
If you have existing projects using these plugins (e.g., infra-plans/ directories with sprint-planner.json), run /shield init in your project to migrate. Shield detects old plugin config and offers to set up the new .shield.json marker and ~/.shield/ config structure.
Tesseract is a plugin marketplace — a registry that contains one or more Claude Code plugins. You add the marketplace once, then install whichever plugins you need.
```
# Add the marketplace (one-time)
/plugin marketplace add infraspecdev/tesseract

# Install a plugin from it
/plugin install shield@tesseract

# Enable auto-updates to stay current
/plugin update --auto-update shield@tesseract
```
Each plugin in the marketplace is independently versioned and released. You can install one, some, or all of them.
Named after Marvel's S.H.I.E.L.D. — the Strategic Homeland Intervention, Enforcement and Logistics Division — the organization that gathers intelligence, plans operations, assembles specialists, and executes missions.
Except here, the homeland is your codebase — and the existential threats are unreviewed pull requests, missing test coverage, security holes hiding in plain sight, and acceptance criteria so vague they'd make Nick Fury weep.
Shield assembles a team of specialist agents and orchestrates them through a structured engineering pipeline. A planner who breaks initiatives into executable stories with testable acceptance criteria. A security reviewer who thinks like an attacker. A cost analyst who's seen $10k/month NAT gateway bills in dev environments. An architect who's debugged cascading failures at 3 AM. An agile coach who ensures stories are sprint-ready. A developer experience engineer who ensures plans are clear enough to execute without questions.
It shields you from the mistakes that haunt on-call rotations — because the best incident is the one that never happened.
One pipeline, many domains. Shield follows a single workflow — research, plan, build, review — but adapts to the domain you're working in. Terraform gets provider-specific research and HashiCorp Configuration Language-aware review. Atmos gets stack hygiene checks. Future domains (Python, TypeScript, Kubernetes) slot in by adding a directory, not by rewriting orchestration.
Continuous review, not gatekeeping. Review isn't a phase at the end — it happens after planning (are the stories actionable?), after each implementation step (did we introduce issues?), and as a final consolidated check. You choose which findings to fix, which to defer, and which to discuss.
Project management as a pluggable adapter. The pipeline doesn't know about ClickUp or Jira. It knows about abstract operations — sync stories, get status, link to epic. Each project management tool implements these operations through its own adapter. Adding a new tool means writing an adapter, not touching any skill or agent.
Agents are specialists. Each agent has a clear domain (security, cost, architecture, operations) and operates in modes depending on context — lightweight checks when reviewing a plan document, deep checklists when reviewing Terraform code. One agent file, multiple depths.
Your config, your rules. The plugin adapts to your setup:
terraform, atmos, or both)clickup, jira, or future adapters)