Name: pantheon-ai/cfn-template-compare
Author: pantheon-ai

pantheon-ai/cfn-template-compare

Compares deployed CloudFormation templates with locally synthesized CDK templates to detect drift, validate changes, and ensure consistency before deployment. Use when the user wants to compare CDK output with a deployed stack, check for infrastructure drift, run a pre-deployment validation, audit IAM or security changes, investigate a failing deployment, or perform a 'cdk diff'-style review. Triggered by phrases like 'compare templates', 'check for drift', 'cfn drift', 'stack comparison', 'infrastructure drift detection', 'safe to deploy', or 'what changed in my CDK stack'.

Review — 100%

Does it follow best practices?

Evaluation — 100%

↑ 1.09x

Agent success when using this tile

Validation — 11 / 11 Passed

Validation for skill structure

{
  "context": "Tests whether the agent performs hierarchical comparison in the correct order and uses appropriate jq queries for security-focused analysis.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Structure comparison first",
      "description": "detailed-analysis.sh performs structure comparison (jq 'keys') before resource details",
      "max_score": 8
    },
    {
      "name": "Resource count check",
      "description": "detailed-analysis.sh uses jq '.Resources | length' to check counts",
      "max_score": 8
    },
    {
      "name": "Added/removed check",
      "description": "detailed-analysis.sh uses diff or comm to find added/removed resources",
      "max_score": 10
    },
    {
      "name": "Process substitution",
      "description": "The resource comparison uses process substitution with <() syntax",
      "max_score": 8
    },
    {
      "name": "Sorted resource lists",
      "description": "Resource key extraction includes 'sort' in the pipeline",
      "max_score": 5
    },
    {
      "name": "CDK Nag extraction",
      "description": "detailed-analysis.sh extracts cdk_nag metadata from Resources using jq",
      "max_score": 15
    },
    {
      "name": "IAM resource filter",
      "description": "detailed-analysis.sh filters resources where Type starts with 'AWS::IAM' using jq select",
      "max_score": 15
    },
    {
      "name": "Hierarchical order explained",
      "description": "analysis-report.md explains why structure → count → resources → security is the recommended order",
      "max_score": 10
    },
    {
      "name": "CDK Nag interpretation",
      "description": "analysis-report.md explains what CDK Nag suppressions are and why changes matter",
      "max_score": 10
    },
    {
      "name": "IAM policy analysis",
      "description": "analysis-report.md explains how to identify IAM policy changes and their significance",
      "max_score": 11
    }
  ]
}

Install with Tessl CLI

npx tessl i pantheon-ai/cfn-template-compare

evals

scenario-1

scenario-2

scenario-3

rubric.json

task.md

scenario-4

scenario-5

references

scripts

SKILL.md

tile.json

pantheon-ai/cfn-template-compare

rubric.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-3/

rubric.jsonevals/scenario-3/