What infrastructure tools does this skill support?

It supports major cloud providers including AWS, GCP, and Azure, alongside IaC frameworks like Terraform and Pulumi, and Kubernetes manifests.

How does it help with IAM roles?

It identifies wildcard permissions and over-privileged roles, providing specific recommendations to apply least-privilege policies.

Can it detect hardcoded secrets in my code?

Yes, it scans .env files, variable definitions, and resource configurations for hardcoded passwords, API keys, and unencrypted strings.

Does it help with SOC2 or HIPAA compliance?

Yes, it includes specialized checklists and validation rules to ensure your infrastructure meets specific requirements for major compliance standards.

Infrastructure Security Reviewer

Name: Infrastructure Security Reviewer
Author: physics91

byphysics91

보안 및 테스팅

Audits infrastructure-as-code and cloud configurations to identify security vulnerabilities, hardcoded secrets, and compliance gaps.

소개

The Infrastructure Security Reviewer skill is a specialized tool for Claude Code designed to perform deep security audits of cloud environments and infrastructure-as-code (IaC). it automatically detects critical risks such as hardcoded secrets, over-permissive IAM roles, insecure network policies, and unencrypted storage across AWS, GCP, and Azure. By aligning configurations with industry standards like SOC2, HIPAA, and PCI, it provides actionable remediation steps and best practices to harden your infrastructure before deployment.

주요 기능

0 GitHub stars
Automated secrets scanning for IaC, environment files, and variables
Encryption-at-rest and in-transit verification for storage and databases
Compliance readiness checks for SOC2, HIPAA, and PCI standards
Deep IAM and RBAC analysis to enforce least-privilege access
Network policy validation for Kubernetes and cloud security groups

사용 사례

Identifying and migrating hardcoded secrets to managed services like AWS Secrets Manager or Vault
Hardening Kubernetes clusters by enforcing strict NetworkPolicies and RBAC configurations
Performing a comprehensive pre-deployment security audit on Terraform or Pulumi scripts

소개

주요 기능

0 GitHub stars
Automated secrets scanning for IaC, environment files, and variables
Encryption-at-rest and in-transit verification for storage and databases
Compliance readiness checks for SOC2, HIPAA, and PCI standards
Deep IAM and RBAC analysis to enforce least-privilege access
Network policy validation for Kubernetes and cloud security groups

사용 사례

Identifying and migrating hardcoded secrets to managed services like AWS Secrets Manager or Vault
Hardening Kubernetes clusters by enforcing strict NetworkPolicies and RBAC configurations
Performing a comprehensive pre-deployment security audit on Terraform or Pulumi scripts