Infrastructure-as-Code Review

Write an infrastructure-as-code review checklist and conduct a structured review of Terraform, CloudFormation, Pulumi, or Ansible code. Use when asked to review IaC code, audit infrastructure configurations, check cloud security posture, or produce a reusable IaC review checklist. Produces a structured review report with severity-categorized findings, remediation guidance, and a reusable checklist.

▶ Run it free in the Playground View SKILL.md ↗

Install

npx pm-claude-skills add --agent claude   # or codex · cursor · gemini · hermes
# or one-line MCP (every skill, any client):
claude mcp add pm-skills -- npx -y pm-claude-skills-mcp

What to give it

IaC tool — Terraform, CloudFormation, Pulumi, Ansible, or CDK
Cloud provider — AWS, GCP, Azure, or multi-cloud
What the code provisions — a brief description (e.g., "VPC, EKS cluster, and RDS instance for the payments service")
Security policies or naming standards in use — any existing org standards to check against; if none, use sensible defaults
The IaC code itself — paste or describe it; if not provided, produce the checklist template only and note findings require code

Related skills

Infrastructure-as-Code Review is one of 174 open-source professional AI agent skills. Try them all in the browser · ⭐ Star on GitHub · Browse the full catalog