Does it support drift detection?

Yes, it uses Terraform's detailed exit codes to identify drift and requires a documented explanation of the delta before proceeding with changes.

Which IaC providers are supported by this skill?

The skill provides specialized workflows for Terraform (.tf), Ansible (playbooks and roles), Docker (Dockerfile and Compose), CloudFormation, and Kubernetes manifests.

What linting tools does it integrate with?

The skill guides Claude to use industry-standard tools like tflint, tfsec, ansible-lint, hadolint, trivy, and checkov.

How does this skill improve infrastructure security?

It scans for 'Red Flags' such as 0.0.0.0/0 security group rules, wildcard IAM permissions, hardcoded secrets, and containers running as root.

Why is the 'plan-before-apply' rule enforced?

To prevent accidental outages and cost overruns; this skill treats IaC like application code where the 'plan' acts as a critical unit test that must be reviewed.

Infrastructure Validation

Name: Infrastructure Validation
Author: lgbarn

bylgbarn

•

デプロイメントとDevOps

Validates Infrastructure-as-Code files to prevent security breaches, outages, and configuration drift across Terraform, Ansible, and Docker.

This skill establishes a disciplined framework for managing Infrastructure-as-Code (IaC) by enforcing multi-stage validation workflows. It prevents common production failures by requiring plan reviews, security scanning, and linting for Terraform, Ansible, Docker, and CloudFormation files. By automating the detection of permissive security groups, hardcoded secrets, and unpinned versions, it ensures that your infrastructure changes are secure, standardized, and production-ready before they are ever applied.

主な機能

01Automated security scanning for IAM policies and network rules

02Validates container best practices including non-root users and pinned digests

03Enforces sequential validation workflows for Terraform, Ansible, and Docker

04Prevents high-risk actions like auto-approving unreviewed plans

0538 GitHub stars

06Detects infrastructure drift and requires plan documentation

ユースケース

01Linting Ansible playbooks and roles for syntax and security best practices

02Performing pre-deployment checks on Terraform modules and state files

03Scanning Dockerfiles for vulnerabilities and multi-stage build optimization

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lgbarn/shipyard infrastructure-validation

For use in Claude.ai and ChatGPT

Download Skill