Verify Terraform changes before completing the task

When you have edited, added, or removed any .tf or .tfvars files in this repository, you must invoke the terraform-plan skill before reporting the task as complete.

Static reasoning about Terraform code is not sufficient: module composition, variable defaults, count/for_each, conditional expressions, and provider behaviour regularly produce plans that diverge from what the code appears to say. The only reliable way to confirm that an edit produces the intended infrastructure change is to run terraform plan and cross-check its structured output against the changes you intended to make.

Rules for applying this:

1. The skill is a gate. If the plan does not match your intent, the task is not done — investigate the mismatch; do not proceed with further edits or hand the task back to the user as finished.
2. Do not skip the skill because "the change looks trivial". Cosmetic edits frequently cause unintended replace actions on dependent resources.
3. If the AWS session check in the skill fails, stop and ask the user to authenticate. Do not attempt to work around it.
4. If you genuinely cannot run terraform plan in this environment (no Terraform binary, no network, sandboxed execution), say so explicitly and ask the user how to proceed. Do not silently mark the task complete.