Skill

atmos-component-hygiene

Use when adding, modifying, or reviewing Terraform components in an Atmos components repository - checks for common mistakes like committed provider.tf, missing terraform-docs, broken linting config, or missing baseline variables

From infra-review

Install

Run in your terminal

npx claudepluginhub infraspecdev/tesseract --plugin infra-review

Tool Access

This skill uses the workspace's default tool permissions.

Supporting Assets

View in Repository

check-tables.md

Skill Content

Similar Skills

continuous-learning-v2

9 files

Observes Claude Code sessions via hooks to create atomic project-scoped instincts with confidence scores, evolving them into skills, commands, or agents.

ecc

144.6k

continuous-learning

2 files

Automatically extracts reusable patterns like error resolutions, workarounds, and debugging techniques from Claude Code sessions via Stop hook, saving them as learned skills for reuse.

ecc

144.6k

continuous-agent-loop

Provides patterns for continuous autonomous agent loops with loop selection, quality gates, evals, recovery controls, and failure mitigation. Useful for production AI agent workflows.

ecc

144.6k

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitMar 12, 2026

Actions

View Source View Plugin View on GitHub View README

Checks

First detect repo layout, then run checks against every component. Full check definitions and verification steps are in check-tables.md.

Repository-level (R1-R8): Verify gitignore rules for provider.tf, backend.tf, state files, and lock files. Confirm .tflint.hcl exists, terraform-docs is configured in pre-commit, and tflint runs in CI.

Per-component (C1-C10): Verify no committed provider.tf or backend.tf, versions.tf has constraints, baseline variables exist (aws_region, environment, tags, stage), README has terraform-docs markers, no hardcoded regions or account IDs, and tags are applied to resources.

Severity levels: Critical (blocks deployment or causes conflicts), Important (causes maintenance pain), Warning (best practice).

Running the Check

digraph check_flow { rankdir=TB; node [shape=box]; start [label="Run repo-level checks (R1-R8)"]; repo_pass [label="All pass?" shape=diamond]; fix_repo [label="Report repo-level failures"]; components [label="For each component\nrun C1-C10"]; report [label="Report results per component"]; done [label="Summary: PASS / FAIL with details"]; start -> repo_pass; repo_pass -> components [label="yes"]; repo_pass -> fix_repo [label="no"]; fix_repo -> components; components -> report; report -> done; }

Common Mistakes

Mistake	Why It's Wrong	Fix
Committing `provider.tf`	Conflicts with Atmos-generated provider config, breaks cross-account assume_role	Delete file, add to `.gitignore`
Committing `backend.tf`	Overrides Atmos stack-specific state paths	Delete file, add to `.gitignore`
Missing baseline variables	Atmos expects `aws_region`, `environment`, `tags`, `stage` on every component	Add to `variables.tf`
No terraform-docs markers	Consumers can't discover inputs/outputs without reading `.tf` files	Add README with `<!-- BEGIN_TF_DOCS -->` / `<!-- END_TF_DOCS -->`
Hardcoded regions/account IDs	Breaks multi-region and multi-account deployments	Use variables instead

Mistake

Why It's Wrong

Fix

Committing provider.tf

Conflicts with Atmos-generated provider config, breaks cross-account assume_role

Delete file, add to .gitignore

Committing backend.tf

Overrides Atmos stack-specific state paths

Delete file, add to .gitignore

Missing baseline variables

Atmos expects aws_region, environment, tags, stage on every component

Add to variables.tf

No terraform-docs markers

Consumers can't discover inputs/outputs without reading .tf files

Add README with  / 

Hardcoded regions/account IDs

Breaks multi-region and multi-account deployments

Use variables instead

Checks

First detect repo layout, then run checks against every component. Full check definitions and verification steps are in check-tables.md.

Severity levels: Critical (blocks deployment or causes conflicts), Important (causes maintenance pain), Warning (best practice).

Running the Check

Common Mistakes

Mistake	Why It's Wrong	Fix
Committing `provider.tf`	Conflicts with Atmos-generated provider config, breaks cross-account assume_role	Delete file, add to `.gitignore`
Committing `backend.tf`	Overrides Atmos stack-specific state paths	Delete file, add to `.gitignore`
Missing baseline variables	Atmos expects `aws_region`, `environment`, `tags`, `stage` on every component	Add to `variables.tf`
No terraform-docs markers	Consumers can't discover inputs/outputs without reading `.tf` files	Add README with `<!-- BEGIN_TF_DOCS -->` / `<!-- END_TF_DOCS -->`
Hardcoded regions/account IDs	Breaks multi-region and multi-account deployments	Use variables instead

Mistake

Why It's Wrong

Fix

Committing provider.tf

Conflicts with Atmos-generated provider config, breaks cross-account assume_role

Delete file, add to .gitignore

Committing backend.tf

Overrides Atmos stack-specific state paths

Delete file, add to .gitignore

Missing baseline variables

Atmos expects aws_region, environment, tags, stage on every component

Add to variables.tf

No terraform-docs markers

Consumers can't discover inputs/outputs without reading .tf files

Add README with  / 

Hardcoded regions/account IDs

Breaks multi-region and multi-account deployments

Use variables instead

atmos-component-hygiene

atmos-component-hygiene

Atmos Component Hygiene Check

Overview

When to Use

When NOT to Use

Checks

Running the Check

Common Mistakes

Supporting Files

Atmos Component Hygiene Check

Overview

When to Use

When NOT to Use

Checks

Running the Check

Common Mistakes

Supporting Files