What cloud providers and tools does this skill support?

This skill is specifically optimized for AWS environments managed via Terraform, providing deep integration with AWS CLI and Terraform state files.

How long does a typical infrastructure audit take?

Individual checks like configuration validation take 2-3 seconds, while a full comprehensive audit typically completes in under 30 seconds.

Is it safe to run this skill in a production environment?

Yes. The Infrastructure Auditor is strictly non-destructive and only performs read-only operations. It never executes 'terraform apply' or any commands that modify resources.

Can I use the audit reports for automated compliance tracking?

Absolutely. The skill generates machine-readable JSON reports with standardized schemas, making it easy to integrate with external dashboards or CI/CD pipelines.

Does the skill automatically fix the issues it discovers?

No. To ensure safety, it only provides prioritized recommendations. You can use the suggestions to guide manual fixes or use the 'infra-engineer' skill for implementation.

Infrastructure Auditor

Name: Infrastructure Auditor
Author: fractary

$fractary$ byfractary

•

Cloud Infrastructure

Audits cloud infrastructure status, security posture, and configuration drift through non-destructive, read-only analysis.

The Infrastructure Auditor skill provides a safe, observability-first approach to managing cloud environments by executing comprehensive read-only checks without modifying resources. It automates the inspection of Terraform configurations, IAM health, resource drift, and security compliance while providing real-time cost analysis. By generating structured JSON and Markdown reports, this skill enables DevOps teams to maintain high visibility into their AWS environments, identify manual 'shadow' changes, and catch critical misconfigurations before they impact production stability.

Key Features

01Automated security posture auditing for S3, IAM roles, and Security Groups

022 GitHub stars

03Dual-format reporting (Markdown and JSON) for human review and automation

04Pre-deployment validation to prevent configuration errors and policy violations

05Real-time cost analysis and optimization recommendation engine

06Non-destructive drift detection between Terraform state and live AWS resources

Use Cases

01Identifying unused IAM resources and over-privileged roles to enforce least-privilege

02Detecting manual configuration changes (drift) in environments managed by Infrastructure as Code

03Performing a security and compliance sweep before a major production release

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fractary/claude-plugins infra-auditor

For use in Claude.ai and ChatGPT

Download Skill