What is the Infrastructure Security Review skill?

It is a specialized capability for Claude Code designed to identify security vulnerabilities and misconfigurations in infrastructure-as-code files like Terraform and OpenTofu.

Does it provide remediation advice?

Yes, the skill generates detailed reports that include the severity of the issue, the specific file location, and the recommended code changes to fix the vulnerability.

Which cloud resources does it check?

The skill covers S3/storage buckets, network security groups, database access controls, compute instances (cloud-init), and state backend configurations.

Can it detect hardcoded secrets?

Yes, it includes robust grep patterns to find AWS access keys, database passwords, and API keys that may have been accidentally hardcoded in your .tf or .yaml files.

Is this skill compatible with OpenTofu?

Absolutely. The patterns and checklists are designed to work seamlessly with both Terraform and OpenTofu infrastructure configurations.

Infrastructure Security Review

Name: Infrastructure Security Review
Author: majesticlabs-dev

bymajesticlabs-dev

•

安全与测试

Audits Infrastructure-as-Code (IaC) for security vulnerabilities and compliance gaps using specialized patterns and checklists.

This skill empowers Claude to perform comprehensive security audits on Terraform and OpenTofu configurations, identifying critical risks such as hardcoded secrets, unencrypted state files, and overly permissive network rules. By leveraging domain-specific grep patterns and structured checklists, it helps developers ensure their cloud infrastructure meets security best practices and compliance standards like SOC 2, HIPAA, and PCI-DSS before deployment. It streamlines the review process by providing standardized report templates and clear remediation guidance for found vulnerabilities.

主要功能

01Network exposure checks for open SSH ports and wide CIDR ranges

0218 GitHub stars

03Automated detection of hardcoded AWS keys, passwords, and API credentials

04Validation of state backend encryption and bucket access policies

05Compute and database hardening verification including VPC attachments

06Standardized security report generation with severity-based categorization

使用场景

01Pre-deployment security auditing of Terraform and OpenTofu codebases

02Compliance readiness checks for SOC 2, HIPAA, or PCI-DSS infrastructure

03Rapid identification and remediation of exposed secrets in cloud configurations

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add majesticlabs-dev/majestic-marketplace infra-security-review

For use in Claude.ai and ChatGPT

Download Skill