drift-detector

Detect infrastructure drift between Terraform state and actual cloud resources. Identifies unmanaged resources, manual changes, and configuration drift. Use when: - User asks to check for infrastructure drift - User wants to find unmanaged cloud resources - User mentions "drift detection" or "Terraform drift" - User asks to compare cloud state to IaC - User wants to audit infrastructure changes

Quality

88%

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

Securityby

Passed

No known issues

Quality

Discovery

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is an excellent skill description that clearly defines its capabilities, provides explicit trigger guidance with a well-structured 'Use when' clause, and uses natural keywords that users would actually say. It covers a distinct niche (Terraform drift detection) with minimal conflict risk and uses proper third-person voice throughout.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: detect infrastructure drift, identify unmanaged resources, identify manual changes, and identify configuration drift. These are clear, actionable capabilities.	3 / 3
Completeness	Clearly answers both 'what' (detect infrastructure drift, identify unmanaged resources, manual changes, configuration drift) and 'when' with an explicit 'Use when:' clause listing five specific trigger scenarios.	3 / 3
Trigger Term Quality	Excellent coverage of natural terms users would say: 'infrastructure drift', 'unmanaged cloud resources', 'drift detection', 'Terraform drift', 'compare cloud state to IaC', 'audit infrastructure changes'. These are terms users would naturally use when needing this skill.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive with a clear niche: Terraform drift detection specifically. The combination of 'Terraform state', 'drift detection', 'unmanaged resources', and 'IaC' creates a very specific domain that is unlikely to conflict with other skills.	3 / 3
	Total	12 / 12 Passed

Implementation

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a solid, actionable skill with clear phased workflows and executable commands throughout. Its main weakness is length — at ~200+ lines it includes material that could be offloaded to reference files (error handling, detailed remediation patterns, CI/CD examples) and some content that over-explains things Claude already knows (credential verification, basic Terraform backend config). The workflow structure and risk categorization are strong points.

Suggestions

Move the error handling section, CI/CD integration details, and detailed remediation examples into separate referenced files to reduce the main skill's token footprint.

Remove or drastically shorten the credential verification steps (Step 1.2) — Claude knows how to verify AWS/Azure/GCP credentials without being shown the commands.

Dimension	Reasoning	Score
Conciseness	The skill is reasonably well-structured but includes unnecessary verbosity in several places. The prerequisites section explains basic cloud credential setup that Claude already knows, the report template in Phase 3 is overly detailed, and the error handling section states obvious solutions. The phased structure adds organizational overhead for what could be more concise.	2 / 3
Actionability	The skill provides fully executable, copy-paste ready commands throughout — from basic snyk CLI invocations to remote state scanning, terraform import blocks, CI/CD YAML, and exclude policy generation. Each phase has concrete commands with real flags and arguments.	3 / 3
Workflow Clarity	The five-phase workflow is clearly sequenced (Setup → Detect → Analyze → Remediate → Prevent) with explicit goals per phase. Phase 3 includes risk categorization and prioritization, Phase 4 offers multiple remediation paths with clear decision criteria (import vs delete vs revert vs adopt), and the CI/CD integration includes a validation gate that fails on drift.	3 / 3
Progressive Disclosure	References to SERVICES.md and EXAMPLES.md are well-signaled, but the main file is quite long with content that could be split out — the full error handling section, the detailed remediation examples, and the CI/CD integration could each be separate files. The report template and common scenarios sections add bulk that dilutes the overview nature of the skill.	2 / 3
	Total	10 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: snyk/studio-recipes
Commit: adb5a9a

Reviewed: 16 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.