drift-detector

Detect infrastructure drift between Terraform state and actual cloud resources. Identifies unmanaged resources, manual changes, and configuration drift. Use when: - User asks to check for infrastructure drift - User wants to find unmanaged cloud resources - User mentions "drift detection" or "Terraform drift" - User asks to compare cloud state to IaC - User wants to audit infrastructure changes

Quality

88%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Passed

No known issues

Quality

Discovery

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is an excellent skill description that clearly defines its purpose, lists concrete capabilities, and provides comprehensive trigger guidance. The explicit 'Use when:' clause with five distinct scenarios makes it easy for Claude to select this skill appropriately. The description is concise, uses third person voice correctly, and covers natural user language variations well.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: detect infrastructure drift, identify unmanaged resources, identify manual changes, and identify configuration drift. These are clear, actionable capabilities.	3 / 3
Completeness	Clearly answers both 'what' (detect drift between Terraform state and actual cloud resources, identify unmanaged resources, manual changes, configuration drift) and 'when' with an explicit 'Use when:' clause listing five specific trigger scenarios.	3 / 3
Trigger Term Quality	Excellent coverage of natural terms users would say: 'infrastructure drift', 'unmanaged cloud resources', 'drift detection', 'Terraform drift', 'compare cloud state to IaC', 'audit infrastructure changes'. These are terms users would naturally use.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive with a clear niche: Terraform drift detection specifically. The combination of 'Terraform state', 'drift detection', and 'unmanaged resources' creates a unique fingerprint unlikely to conflict with general Terraform or cloud management skills.	3 / 3
	Total	12 / 12 Passed

Implementation

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a well-structured, highly actionable skill with a clear multi-phase workflow and concrete executable commands throughout. Its main weaknesses are moderate verbosity (explaining things Claude already knows, like how to check AWS credentials) and referencing bundle files (SERVICES.md, EXAMPLES.md) that don't exist. Trimming redundant explanations and ensuring referenced files are provided would elevate this skill significantly.

Suggestions

Trim the prerequisites section—Claude knows how to verify cloud credentials; just mention that credentials must be configured without showing the verification commands.

Provide the referenced SERVICES.md and EXAMPLES.md files, or remove the references if they don't exist.

Condense the error handling section into a brief troubleshooting table rather than verbose solution blocks for common/obvious issues.

Dimension	Reasoning	Score
Conciseness	The skill is reasonably well-structured but includes unnecessary verbosity in several places: the report template in Phase 3 is overly detailed, the prerequisites section explains basic cloud credential verification that Claude already knows, and the error handling section states obvious solutions. The constraints section also restates things already implied. Could be tightened by ~30%.	2 / 3
Actionability	Nearly all guidance includes concrete, executable commands and code blocks. The bash commands for snyk, terraform import, HCL blocks, CI/CD YAML, and cloud credential checks are all copy-paste ready. The remediation steps provide specific commands for each scenario.	3 / 3
Workflow Clarity	The five-phase workflow (Setup → Detect → Analyze → Remediate → Prevent) is clearly sequenced with explicit goals per phase. Phase 4 includes validation via terraform apply, and the CI/CD integration in Phase 5 includes a validation check (jq filter to fail on drift). The risk assessment step provides clear prioritization criteria. The constraint that this is read-only detection also bounds the workflow appropriately.	3 / 3
Progressive Disclosure	References to SERVICES.md and EXAMPLES.md are mentioned but neither file exists in the bundle. The skill is quite long (~200+ lines) with content that could be split out (e.g., the full report template, error handling, CI/CD examples). The common scenarios section appropriately defers to EXAMPLES.md, but the main body still contains too much inline detail.	2 / 3
	Total	10 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: snyk/studio-recipes
Commit: 786986d

Reviewed: 2 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.