Auditing Terraform infrastructure-as-code for security misconfigurations using Checkov, tfsec, Terrascan, and OPA/Rego policies to detect overly permissive IAM policies, public resource exposure, missing encryption, and insecure defaults before cloud deployment.
73
62%
Does it follow best practices?
Impact
91%
1.35x Average score across 3 eval scenarios
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/auditing-terraform-infrastructure-for-security/SKILL.md
Custom OPA Rego policy authoring
S3 package namespace
0%
100%
IAM package namespace
0%
100%
Security group package namespace
0%
100%
deny[msg] pattern
100%
100%
S3 encryption policy
100%
100%
IAM wildcard action check
100%
100%
SSH public ingress check
100%
100%
sprintf error message
100%
100%
Conftest evaluation
0%
100%
Conftest JSON output
0%
100%
Policy files in separate files
100%
100%
Checkov JSON output
0%
100%
GitHub Actions CI/CD security pipeline
Checkov GitHub Action
80%
100%
tfsec GitHub Action
0%
100%
SARIF upload action
70%
100%
SARIF file passed to upload
100%
100%
Checkov output_format sarif
75%
100%
soft_fail: false on Checkov
100%
100%
Terraform path trigger
100%
100%
Terraform init and plan
100%
100%
Plan JSON conversion
100%
100%
tfsec minimum severity
100%
0%
Checkov framework: terraform
100%
100%
OPA conftest step
100%
100%
Structured audit report generation
Report header block
75%
100%
SCAN RESULTS section
87%
100%
CRITICAL FINDINGS section
75%
50%
Per-finding fields
100%
100%
SUMMARY BY SEVERITY
87%
100%
Finding reference codes
42%
100%
Checkov JSON output flag
100%
100%
tfsec minimum-severity flag
0%
0%
State file scan
22%
33%
Inline suppression comment
100%
100%
Checkov framework terraform
25%
100%
Report saved to file
100%
100%