Name: pantheon-ai/cfn-template-compare
Rating: 95.8 (1 reviews)
Author: pantheon-ai

pantheon-ai/cfn-template-compare

Compares deployed CloudFormation templates with locally synthesized CDK templates to detect drift, validate changes, and ensure consistency before deployment. Use when the user wants to compare CDK output with a deployed stack, check for infrastructure drift, run a pre-deployment validation, audit IAM or security changes, investigate a failing deployment, or perform a 'cdk diff'-style review. Triggered by phrases like 'compare templates', 'check for drift', 'cfn drift', 'stack comparison', 'infrastructure drift detection', 'safe to deploy', or 'what changed in my CDK stack'.

1.08x

Quality

93%

Does it follow best practices?

Impact

100%

1.08x

Average score across 5 eval scenarios

Securityby

Passed

No known issues

{
  "context": "Tests whether the agent follows the complete comparison workflow including template retrieval, synthesis, comparison, artifact saving, and formal reporting.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "aws get-template command",
      "description": "comparison-script.sh uses 'aws cloudformation get-template' with --stack-name and --query TemplateBody flags",
      "max_score": 10
    },
    {
      "name": "Output to JSON file",
      "description": "comparison-script.sh redirects get-template output to a file like deployed.json",
      "max_score": 8
    },
    {
      "name": "make synth command",
      "description": "comparison-script.sh uses 'make synth' to synthesize local template",
      "max_score": 10
    },
    {
      "name": "Copy synthesized template",
      "description": "comparison-script.sh copies the synthesized template from cdk.out/ to a local comparison file",
      "max_score": 8
    },
    {
      "name": "Structure comparison",
      "description": "comparison-script.sh uses jq 'keys' on both templates to compare top-level structure",
      "max_score": 10
    },
    {
      "name": "Resource count check",
      "description": "comparison-script.sh uses jq '.Resources | length' on both templates",
      "max_score": 10
    },
    {
      "name": "Added/removed resources",
      "description": "comparison-script.sh uses diff or comm with process substitution to find resource changes",
      "max_score": 10
    },
    {
      "name": "Timestamped artifacts",
      "description": "comparison-script.sh creates a directory with timestamp and/or branch name for saving artifacts",
      "max_score": 8
    },
    {
      "name": "Report template structure",
      "description": "comparison-report.md contains all 4 required sections: Summary, Differences, Recommendations, Deployment Decision",
      "max_score": 10
    },
    {
      "name": "Resource counts in summary",
      "description": "comparison-report.md Summary section mentions resource counts for both deployed and local",
      "max_score": 8
    },
    {
      "name": "Status indicator",
      "description": "comparison-report.md includes a status indicator (Safe to deploy / Review required / Critical issues)",
      "max_score": 8
    }
  ]
}