Auditing Terraform infrastructure-as-code for security misconfigurations using Checkov, tfsec, Terrascan, and OPA/Rego policies to detect overly permissive IAM policies, public resource exposure, missing encryption, and insecure defaults before cloud deployment.
73
62%
Does it follow best practices?
Impact
91%
1.01x average score across 3 eval scenarios
Passed
No known issues
Eval scenario: Multi-tool Terraform security audit with structured report
Checks:
  Checkov JSON output: 100% / 100%
  Checkov --framework terraform: 100% / 100%
  tfsec JSON output: 100% / 100%
  tfsec severity filter: 0% / 0%
  Report header block: 100% / 100%
  SCAN RESULTS section: 62% / 100%
  CRITICAL FINDINGS section: 100% / 100%
  SUMMARY BY SEVERITY section: 88% / 100%
  Checkov -d flag used: 100% / 100%
  Both tools used: 100% / 100%
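The skill description and this first scenario both come down to the same procedure: run Checkov (with -d and --framework terraform) and tfsec with JSON output, apply a severity filter, and render the findings into a report with a header block, SCAN RESULTS, CRITICAL FINDINGS and SUMMARY BY SEVERITY sections. The Python below is an added example, not the skill's own code and not output captured from either tool. It normalizes the JSON that `checkov -d <dir> --framework terraform -o json` and `tfsec <dir> --format json` write, applies one minimum-severity floor to both tools' findings (the equivalent of tfsec's --minimum-severity, which Checkov has no counterpart for), and renders the four sections. Assumptions: the sample JSON is constructed and trimmed to the fields the code reads, and the CHECKOV_SEVERITY map is a local choice because the open-source Checkov CLI emits "severity": null.

```python
import json
from collections import Counter

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "UNKNOWN": 0}

# Open-source Checkov reports "severity": null, so the audit supplies a local map
# for the checks it cares about. These two assignments are an assumption.
CHECKOV_SEVERITY = {
    "CKV_AWS_19": "HIGH",      # S3 bucket not encrypted at rest
    "CKV_AWS_20": "CRITICAL",  # S3 ACL grants public READ
}


def normalize_checkov(report):
    """Flatten `checkov -d <dir> --framework terraform -o json` into finding dicts.
    Checkov emits one object per framework, or a list when several frameworks ran."""
    reports = report if isinstance(report, list) else [report]
    findings = []
    for r in reports:
        for check in r.get("results", {}).get("failed_checks", []):
            check_id = check["check_id"]
            severity = check.get("severity") or CHECKOV_SEVERITY.get(check_id, "UNKNOWN")
            findings.append({
                "tool": "checkov", "id": check_id, "severity": severity.upper(),
                "resource": check.get("resource", ""), "file": check.get("file_path", ""),
                "line": (check.get("file_line_range") or [0])[0],
                "message": check.get("check_name", ""),
            })
    return findings


def normalize_tfsec(report):
    """Flatten `tfsec <dir> --format json` output; tfsec assigns severity itself."""
    findings = []
    for r in report.get("results") or []:
        loc = r.get("location", {})
        findings.append({
            "tool": "tfsec", "id": r["rule_id"], "severity": r.get("severity", "UNKNOWN").upper(),
            "resource": r.get("resource", ""), "file": loc.get("filename", ""),
            "line": loc.get("start_line", 0), "message": r.get("description", ""),
        })
    return findings


def filter_by_severity(findings, minimum="LOW"):
    """Same effect as tfsec's --minimum-severity, applied to both tools' findings."""
    floor = SEVERITY_RANK[minimum.upper()]
    return [f for f in findings if SEVERITY_RANK.get(f["severity"], 0) >= floor]


def summarize(findings):
    """Count findings per severity level."""
    return Counter(f["severity"] for f in findings)


def render_report(target, findings, minimum="LOW"):
    """Header block, SCAN RESULTS, CRITICAL FINDINGS, SUMMARY BY SEVERITY."""
    kept = sorted(filter_by_severity(findings, minimum),
                  key=lambda f: (-SEVERITY_RANK.get(f["severity"], 0), f["file"], f["line"]))
    counts = summarize(kept)
    lines = ["TERRAFORM SECURITY AUDIT", f"Target: {target}",
             f"Tools: checkov, tfsec   Minimum severity: {minimum.upper()}", "", "SCAN RESULTS"]
    for f in kept:
        lines.append(f"[{f['severity']}] {f['tool']}:{f['id']} {f['resource']} "
                     f"({f['file']}:{f['line']}) - {f['message']}")
    critical = [f for f in kept if f["severity"] == "CRITICAL"]
    lines += ["", "CRITICAL FINDINGS"]
    lines += [f"- {f['resource']}: {f['message']} [{f['tool']}:{f['id']}]" for f in critical] or ["- none"]
    lines += ["", "SUMMARY BY SEVERITY"]
    for sev in sorted(SEVERITY_RANK, key=SEVERITY_RANK.get, reverse=True):
        lines.append(f"{sev:<9}{counts.get(sev, 0)}")
    lines.append(f"TOTAL    {len(kept)}")
    return "\n".join(lines)


def audit_from_json(checkov_json, tfsec_json, target="./infra", minimum="LOW"):
    """Entry point for real runs: pass the text written by `checkov -o json` and `tfsec --format json`."""
    findings = normalize_checkov(json.loads(checkov_json)) + normalize_tfsec(json.loads(tfsec_json))
    return render_report(target, findings, minimum)


# Constructed sample output, trimmed to the fields read above; not captured from a real scan.
CHECKOV_SAMPLE = {"check_type": "terraform", "results": {"failed_checks": [
    {"check_id": "CKV_AWS_19", "check_name": "Ensure the S3 bucket is encrypted at rest", "severity": None,
     "resource": "aws_s3_bucket.logs", "file_path": "/main.tf", "file_line_range": [1, 4]},
    {"check_id": "CKV_AWS_20", "check_name": "S3 bucket ACL allows public READ access", "severity": None,
     "resource": "aws_s3_bucket.logs", "file_path": "/main.tf", "file_line_range": [1, 4]},
]}}
TFSEC_SAMPLE = {"results": [
    {"rule_id": "aws-s3-enable-bucket-encryption", "severity": "HIGH", "resource": "aws_s3_bucket.logs",
     "description": "Bucket does not have encryption enabled", "location": {"filename": "/main.tf", "start_line": 1}},
    {"rule_id": "aws-iam-no-policy-wildcards", "severity": "HIGH", "resource": "aws_iam_policy.admin",
     "description": "IAM policy document uses wildcarded action 'iam:*'", "location": {"filename": "/iam.tf", "start_line": 7}},
    {"rule_id": "aws-s3-enable-versioning", "severity": "MEDIUM", "resource": "aws_s3_bucket.logs",
     "description": "Bucket does not have versioning enabled", "location": {"filename": "/main.tf", "start_line": 1}},
]}

if __name__ == "__main__":
    print(audit_from_json(json.dumps(CHECKOV_SAMPLE), json.dumps(TFSEC_SAMPLE), minimum="HIGH"))
```

The severity floor is applied after normalization rather than by passing --minimum-severity to tfsec alone, so a single threshold governs both tools and the SUMMARY BY SEVERITY block counts the same set of findings the SCAN RESULTS block lists. Both Checkov's CKV_AWS_19 and tfsec's aws-s3-enable-bucket-encryption flag the same bucket in the sample; the report keeps both rather than guessing that two rule IDs are equivalent.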
Eval scenario: CI/CD security pipeline with incremental rollout strategy
Checks:
  Checkov GitHub Action: 100% / 100%
  Checkov framework set: 100% / 100%
  Checkov SARIF output: 100% / 87%
  tfsec GitHub Action: 100% / 100%
  SARIF upload step: 100% / 90%
  Trigger on terraform paths: 100% / 100%
  Incremental rollout strategy: 100% / 100%
  soft_fail for gradual rollout: 70% / 80%
  OPA/Conftest step: 100% / 100%
  Terraform init and plan steps: 66% / 66%
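The "incremental rollout strategy" and "soft_fail for gradual rollout" checks in this scenario describe a gate that starts in report-only mode and tightens over time. Checkov's own --soft-fail and --hard-fail-on flags cover the Checkov step alone; the Python below is an added example, not the skill's code, of the same policy applied to the merged findings of every tool in the pipeline. It assumes an earlier step has already normalized Checkov and tfsec JSON into the finding dicts shown (the CURRENT_FINDINGS and BASELINE values are constructed, and the baseline file name .tfscan-baseline.json is a placeholder). Phase 1 runs with soft_fail=True so nothing fails; phase 2 commits a baseline of accepted findings and hard-fails only on new findings at or above CRITICAL; phase 3 lowers hard_fail_on to HIGH and removes stale baseline entries as findings get fixed.

```python
import json

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "UNKNOWN": 0}


def fingerprint(finding):
    """Identity of a finding across runs: tool, rule and resource, deliberately not the line
    number, so unrelated edits that shift lines do not turn a known finding into a new one."""
    return f"{finding['tool']}:{finding['id']}:{finding['resource']}"


def evaluate(findings, baseline, hard_fail_on="CRITICAL", soft_fail=False):
    """Decide the job outcome: exit_code 0 passes, 1 fails. Only findings that are both
    absent from the baseline and at or above hard_fail_on block the build."""
    floor = SEVERITY_RANK[hard_fail_on.upper()]
    accepted = set(baseline)
    new = [f for f in findings if fingerprint(f) not in accepted]
    known = [f for f in findings if fingerprint(f) in accepted]
    blocking = [f for f in new if SEVERITY_RANK.get(f["severity"], 0) >= floor]
    exit_code = 0 if soft_fail or not blocking else 1
    return {"exit_code": exit_code, "new": new, "known": known, "blocking": blocking}


def promote_baseline(findings):
    """Snapshot the current findings as the accepted baseline (commit the JSON to the repo)."""
    return sorted({fingerprint(f) for f in findings})


def stale_baseline_entries(baseline, findings):
    """Baseline entries whose finding no longer appears: remove them so the baseline only shrinks."""
    return sorted(set(baseline) - {fingerprint(f) for f in findings})


def load_baseline(path):
    """Read the committed baseline; a missing file means nothing has been accepted yet (phase 1)."""
    try:
        with open(path) as fh:
            return json.load(fh)
    except FileNotFoundError:
        return []


def render_summary(result, hard_fail_on, soft_fail):
    """Plain-text job summary for the CI log."""
    mode = "soft-fail (report only)" if soft_fail else f"hard-fail on new {hard_fail_on.upper()}+"
    lines = [f"Gate mode: {mode}", f"Known (baselined): {len(result['known'])}",
             f"New: {len(result['new'])}", f"Blocking: {len(result['blocking'])}"]
    lines += [f"  BLOCK [{f['severity']}] {f['tool']}:{f['id']} {f['resource']}" for f in result["blocking"]]
    lines.append(f"Exit code: {result['exit_code']}")
    return "\n".join(lines)


# Constructed findings in the normalized shape a Checkov/tfsec merge step would emit; not real scan output.
CURRENT_FINDINGS = [
    {"tool": "checkov", "id": "CKV_AWS_20", "severity": "CRITICAL", "resource": "aws_s3_bucket.logs"},
    {"tool": "tfsec", "id": "aws-iam-no-policy-wildcards", "severity": "HIGH", "resource": "aws_iam_policy.admin"},
    {"tool": "tfsec", "id": "aws-s3-no-public-access-with-acl", "severity": "CRITICAL", "resource": "aws_s3_bucket.uploads"},
    {"tool": "tfsec", "id": "aws-s3-enable-versioning", "severity": "MEDIUM", "resource": "aws_s3_bucket.uploads"},
]
# Constructed baseline committed when the gate was introduced; the CKV_AWS_19 finding has since been fixed.
BASELINE = [
    "checkov:CKV_AWS_19:aws_s3_bucket.logs",
    "checkov:CKV_AWS_20:aws_s3_bucket.logs",
    "tfsec:aws-iam-no-policy-wildcards:aws_iam_policy.admin",
]

if __name__ == "__main__":
    import sys
    baseline = BASELINE  # in CI: load_baseline(".tfscan-baseline.json"), a placeholder path
    result = evaluate(CURRENT_FINDINGS, baseline, hard_fail_on="CRITICAL", soft_fail=False)
    print(render_summary(result, "CRITICAL", False))
    for entry in stale_baseline_entries(baseline, CURRENT_FINDINGS):
        print(f"stale baseline entry, remove it: {entry}")
    sys.exit(result["exit_code"])
```

With the constructed data the phase-2 gate fails the job on exactly one finding, the new public ACL on aws_s3_bucket.uploads, while the two baselined findings and the new MEDIUM finding are reported without blocking. Running the same data with soft_fail=True (phase 1) or an empty baseline (no accepted findings) changes the outcome in the ways the rollout phases intend, which is the behaviour the tests below pin down.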
7eebca8