Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

Greenmamba29/.agents/skills/terraform-style-check

Name: .agents/skills/terraform-style-check
Author: Greenmamba29

.agents/skills/terraform-style-check/SKILL.md

npx skillsauth add Greenmamba29/skillsdotmd_web .agents/skills/terraform-style-check

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

| name | description | license | tags | |------|-------------|---------|------| | terraform-style-check | Audit Terraform and OpenTofu configurations for style, best practices, security, and compliance. Checks naming conventions, resource organization, variable usage, module structure, and IAM least-privilege patterns. | MIT | --- terraform infrastructure devops security iac |

Terraform Style Check

Overview

Audit Terraform (and OpenTofu) configurations for style consistency, security best practices, module structure, and compliance requirements. Provides actionable fixes with severity ratings.

When to Use

Before merging infrastructure PRs for code review
When onboarding a new Terraform codebase with inconsistent patterns
When enforcing organizational IaC standards across teams
When conducting security audits of cloud infrastructure code
When preparing infrastructure code for compliance certification

Instructions

Accept path to Terraform directory or specific .tf files.
Parse all .tf files and build an AST representation.
Style checks:
- Naming conventions: resources use snake_case, descriptive names.
- File organization: main.tf, variables.tf, outputs.tf, versions.tf separation.
- Variable declarations: all variables have type, description, and default where appropriate.
- Output declarations: all outputs have description.
- Resource tagging: required tags (env, owner, project) present on all taggable resources.
Best practice checks:
- Remote state: backend configured, not using local state in production.
- Module versions: all module sources pinned to specific version.
- Provider versions: all providers pinned with ~> constraint.
- Sensitive variables: marked with sensitive = true.
Security checks:
- IAM policies: no * on actions without explicit justification comment.
- Security groups: no 0.0.0.0/0 on inbound rules except ports 80/443.
- Encryption: storage resources (S3, RDS, EBS) have encryption enabled.
- Public access: S3 buckets not publicly accessible without justification.
Generate report: issues grouped by severity (Critical, High, Medium, Low, Info).
For each issue: file, line number, current code, and recommended fix.

Environment

CHECK_NAMING=true
CHECK_SECURITY=true
CHECK_MODULES=true
REQUIRED_TAGS=env,owner,project
STRICT_IAM=true

Examples

Input:

path: ./infrastructure/aws
profile: production
check_level: full

Output:

Terraform Style Check Report
Files scanned: 18
Total issues: 23

Critical (2):
- security_groups.tf:45 - Inbound rule allows 0.0.0.0/0 on port 22 (SSH)
- iam.tf:78 - IAM policy uses wildcard action "s3:*" without justification

High (5):
- main.tf:12 - Module source not pinned to version (add ?ref=v2.1.0)
- variables.tf:34 - Variable 'db_password' missing sensitive=true
- rds.tf:23 - RDS instance encryption not enabled

Medium (8): [naming, tagging issues]
Low (8): [style, description missing]

Greenmamba29/.agents/skills/terraform-style-check

.agents/skills/terraform-style-check/SKILL.md

development

Updated Apr 17, 2026

$ install --global

skillsauth

npx skillsauth add Greenmamba29/skillsdotmd_web .agents/skills/terraform-style-check

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 24, 2026, 9:02 PM1.8s1 file scanned

SKILL.md

Terraform Style Check

Overview

Audit Terraform (and OpenTofu) configurations for style consistency, security best practices, module structure, and compliance requirements. Provides actionable fixes with severity ratings.

When to Use

Before merging infrastructure PRs for code review
When onboarding a new Terraform codebase with inconsistent patterns
When enforcing organizational IaC standards across teams
When conducting security audits of cloud infrastructure code
When preparing infrastructure code for compliance certification

Instructions

Accept path to Terraform directory or specific .tf files.
Parse all .tf files and build an AST representation.
Style checks:
- Naming conventions: resources use snake_case, descriptive names.
- File organization: main.tf, variables.tf, outputs.tf, versions.tf separation.
- Variable declarations: all variables have type, description, and default where appropriate.
- Output declarations: all outputs have description.
- Resource tagging: required tags (env, owner, project) present on all taggable resources.
Best practice checks:
- Remote state: backend configured, not using local state in production.
- Module versions: all module sources pinned to specific version.
- Provider versions: all providers pinned with ~> constraint.
- Sensitive variables: marked with sensitive = true.
Security checks:
- IAM policies: no * on actions without explicit justification comment.
- Security groups: no 0.0.0.0/0 on inbound rules except ports 80/443.
- Encryption: storage resources (S3, RDS, EBS) have encryption enabled.
- Public access: S3 buckets not publicly accessible without justification.
Generate report: issues grouped by severity (Critical, High, Medium, Low, Info).
For each issue: file, line number, current code, and recommended fix.

Environment

CHECK_NAMING=true
CHECK_SECURITY=true
CHECK_MODULES=true
REQUIRED_TAGS=env,owner,project
STRICT_IAM=true

Examples

Input:

path: ./infrastructure/aws
profile: production
check_level: full

Output:

Terraform Style Check Report
Files scanned: 18
Total issues: 23

Critical (2):
- security_groups.tf:45 - Inbound rule allows 0.0.0.0/0 on port 22 (SSH)
- iam.tf:78 - IAM policy uses wildcard action "s3:*" without justification

High (5):
- main.tf:12 - Module source not pinned to version (add ?ref=v2.1.0)
- variables.tf:34 - Variable 'db_password' missing sensitive=true
- rds.tf:23 - RDS instance encryption not enabled

Medium (8): [naming, tagging issues]
Low (8): [style, description missing]

Related Skills

Greenmamba29/customer-onboarder

tools

VerifiedTrustedCommunity

Automate end-to-end new customer onboarding for SaaS and marketplace platforms. Use when onboarding new customers after signup or contract signing, including account provisioning in CRM (HubSpot/Salesforce), sending personalized welcome email sequences via SendGrid, creating and tracking onboarding checklists, scheduling kickoff calls via Calendly/Cal.com, monitoring customer health scores, and generating time-to-value reports. Triggers on tasks involving new customer setup, onboarding automation, welcome sequences, CSM task assignment, or onboarding health tracking.

SKILL.mdUpdated Apr 17, 2026

Greenmamba29/customer-onboarder

Greenmamba29/zapier-migrator

development

VerifiedTrustedCommunity

Migrates Zapier zaps to Make.com scenarios automatically. Use when asked to convert, port, or recreate Zapier workflows in Make.com.

SKILL.mdUpdated Apr 17, 2026

Greenmamba29/zapier-migrator

Greenmamba29/webhook-orchestrator

development

VerifiedTrustedCommunity

Routes, transforms and fans out webhook payloads across multiple services. Use when you need to receive an incoming webhook and dispatch it to multiple downstream endpoints with payload transformation.

SKILL.mdUpdated Apr 17, 2026

Greenmamba29/webhook-orchestrator

Greenmamba29/.agents/skills/webapp-testing

tools

VerifiedTrustedCommunity

| name | description | license | tags | |------|-------------|---------|------| | webapp-testing | Generate and execute comprehensive test suites for web applications. Covers unit, integration, E2E, and visual regression tests. Analyzes application structure to create meaningful test cases with high coverage. | MIT | --- testing qa automation e2e playwright jest | # Webapp Testing ## Overview Generate and execute comprehensive test suites for web applications covering unit, integration, end-t

SKILL.mdUpdated Apr 17, 2026

Greenmamba29/.agents/skills/webapp-testing

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/Greenmamba29/skillsdotmd_web.git

# Copy into Claude Code skills folder (global)
cp -r skillsdotmd_web/.agents/skills/terraform-style-check ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

Greenmamba29/skillsdotmd_web

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT