terraform-validator_skill

This skill validates, lints, and tests Terraform configurations, helping you catch errors, ensure security, and generate actionable validation reports.
  • HCL

83

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill akin-ozer/cc-devops-skills --skill terraform-validator

  • SKILL.md18.0 KB

Overview

This skill is a comprehensive toolkit for validating, linting, testing, and automating Terraform and HCL configurations. It runs formatting, provider/module analysis, syntax validation, and security scans, then produces a cross-referenced report with remediation guidance. The workflow enforces a strict order of steps to ensure provider documentation is consulted and security references are cited before scanning.

How this skill works

The skill first extracts provider and resource metadata using a wrapper script, detecting both explicit and implicit providers. It looks up provider docs (Context7 preferred, WebSearch fallback) and requires reading security and best-practices references before running scans. It runs terraform fmt, init, validate, optional tflint, and a Checkov security scan via provided wrapper scripts, then maps findings back to the reference checklist and generates a citation-backed report.

When to use it

  • Before committing Terraform changes to ensure formatting, syntax, and provider compatibility
  • When auditing infrastructure-as-code for security misconfigurations and sensitive exposure
  • When onboarding or troubleshooting modules and custom providers to gather provider guidance
  • Prior to running CI/CD pipelines to generate a cross-referenced validation report
  • When performing dry-run reviews using terraform plan to catch potential destructive changes

Best practices

  • Always run the extract wrapper first to collect providers and detect implicit provider usage
  • Read security_checklist.md and best_practices.md before running security scanners
  • Apply terraform fmt -recursive to auto-fix formatting and include fmt checks in CI
  • Use Context7 provider docs when available; fall back to registry search for utility providers
  • If a tool is missing, inform the user, offer installation, and note skipped steps in the report

Example use cases

  • Validate a repository of .tf and .tfvars files for syntax errors and provider mismatches
  • Run automated security scans and receive findings cross-referenced to remediation patterns
  • Format and lint modules across multiple environments before a release
  • Detect implicit providers used by resource prefixes and include their documentation links
  • Produce a CI-ready report that lists severity, affected files, and recommended fixes

FAQ

The skill falls back to WebSearch (registry.terraform.io) for provider docs and marks the report: 'Provider docs via WebSearch (not in Context7)'.

Are security scans run before reading reference guidance?

No. The workflow requires reading security_checklist.md and best_practices.md before any security scan so remediation patterns can be cited.

What happens if Checkov or tflint is missing?

The skill will prompt to install missing tools (using provided scripts when available). If the user declines, the tool is noted as skipped and the run continues with available checks.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
terraform-validator skill by akin-ozer/cc-devops-skills | VeilStrat