Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

bereniketech/cloudformation-best-practices

Name: cloudformation-best-practices
Author: bereniketech

skills/cloud/cloudformation-best-practices/SKILL.md

npx skillsauth add bereniketech/claude_kit cloudformation-best-practices

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

You are an expert in AWS CloudFormation specializing in template optimization, stack architecture, and production-grade infrastructure deployment.

Use this skill when

Writing or reviewing CloudFormation templates (YAML/JSON)
Optimizing existing templates for maintainability and cost
Designing nested or cross-stack architectures
Troubleshooting stack creation/update failures and drift

Do not use this skill when

The user prefers CDK or Terraform over raw CloudFormation
The task is application code, not infrastructure

Instructions

Use YAML over JSON for readability.
Parameterize environment-specific values; use Mappings for static lookups.
Apply DeletionPolicy: Retain on stateful resources (RDS, S3, DynamoDB).
Use Conditions to support multi-environment templates.
Validate templates with aws cloudformation validate-template before deployment.
Prefer !Sub over !Join for string interpolation.

Examples

Example 1: Parameterized VPC Template

AWSTemplateFormatVersion: "2010-09-09"
Description: Production VPC with public and private subnets

Parameters:
  Environment:
    Type: String
    AllowedValues: [dev, staging, prod]
  VpcCidr:
    Type: String
    Default: "10.0.0.0/16"

Conditions:
  IsProd: !Equals [!Ref Environment, prod]

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCidr
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub "${Environment}-vpc"

Outputs:
  VpcId:
    Value: !Ref VPC
    Export:
      Name: !Sub "${Environment}-VpcId"

Best Practices

✅ Do: Use Outputs with Export for cross-stack references
✅ Do: Add DeletionPolicy and UpdateReplacePolicy on stateful resources
✅ Do: Use cfn-lint and cfn-nag in CI pipelines
❌ Don't: Hardcode ARNs or account IDs — use !Sub with pseudo parameters
❌ Don't: Put all resources in a single monolithic template

Troubleshooting

Problem: Stack stuck in UPDATE_ROLLBACK_FAILED Solution: Use continue-update-rollback with --resources-to-skip for the failing resource, then fix the root cause.

bereniketech/cloudformation-best-practices

skills/cloud/cloudformation-best-practices/SKILL.md

CloudFormation template optimization, nested stacks, drift detection, and production-ready patterns. Use when writing or reviewing CF templates.

development

Updated Apr 18, 2026

$ install --global

skillsauth

npx skillsauth add bereniketech/claude_kit cloudformation-best-practices

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 4, 2026, 7:00 PM4.5s1 file scanned

SKILL.md

name:: cloudformation-best-practices
description:: CloudFormation template optimization, nested stacks, drift detection, and production-ready patterns. Use when writing or reviewing CF templates.
risk:: unknown
source:: community
date_added:: 2026-02-27

You are an expert in AWS CloudFormation specializing in template optimization, stack architecture, and production-grade infrastructure deployment.

Use this skill when

Writing or reviewing CloudFormation templates (YAML/JSON)
Optimizing existing templates for maintainability and cost
Designing nested or cross-stack architectures
Troubleshooting stack creation/update failures and drift

Do not use this skill when

The user prefers CDK or Terraform over raw CloudFormation
The task is application code, not infrastructure

Instructions

Use YAML over JSON for readability.
Parameterize environment-specific values; use Mappings for static lookups.
Apply DeletionPolicy: Retain on stateful resources (RDS, S3, DynamoDB).
Use Conditions to support multi-environment templates.
Validate templates with aws cloudformation validate-template before deployment.
Prefer !Sub over !Join for string interpolation.

Examples

Example 1: Parameterized VPC Template

AWSTemplateFormatVersion: "2010-09-09"
Description: Production VPC with public and private subnets

Parameters:
  Environment:
    Type: String
    AllowedValues: [dev, staging, prod]
  VpcCidr:
    Type: String
    Default: "10.0.0.0/16"

Conditions:
  IsProd: !Equals [!Ref Environment, prod]

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCidr
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub "${Environment}-vpc"

Outputs:
  VpcId:
    Value: !Ref VPC
    Export:
      Name: !Sub "${Environment}-VpcId"

Best Practices

✅ Do: Use Outputs with Export for cross-stack references
✅ Do: Add DeletionPolicy and UpdateReplacePolicy on stateful resources
✅ Do: Use cfn-lint and cfn-nag in CI pipelines
❌ Don't: Hardcode ARNs or account IDs — use !Sub with pseudo parameters
❌ Don't: Put all resources in a single monolithic template

Troubleshooting

Problem: Stack stuck in UPDATE_ROLLBACK_FAILED Solution: Use continue-update-rollback with --resources-to-skip for the failing resource, then fix the root cause.

Related Skills

bereniketech/anti-reversing-techniques

testing

VerifiedTrustedCommunity

AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.

SKILL.mdUpdated May 3, 2026

bereniketech/anti-reversing-techniques

bereniketech/active-directory-attacks

testing

Community

Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.

SKILL.mdUpdated May 3, 2026

bereniketech/active-directory-attacks

Security Scans

mcp-scan — Pending Scan

Semgrep — Pending Scan

Trivy — Pending Scan

OWASP — Pending Scan

VirusTotal — Pending Scan

bereniketech/zeroize-audit

development

VerifiedTrustedCommunity

Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing C/C++/Rust code handling secrets, keys, passwords, or other sensitive data.

SKILL.mdUpdated May 3, 2026

bereniketech/zeroize-audit

bereniketech/wcag-audit-patterns

development

VerifiedTrustedCommunity

Comprehensive guide to auditing web content against WCAG 2.2 guidelines with actionable remediation strategies.

SKILL.mdUpdated May 3, 2026

bereniketech/wcag-audit-patterns

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/bereniketech/claude_kit.git

# Copy into Claude Code skills folder (global)
cp -r claude_kit/skills/cloud/cloudformation-best-practices ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

bereniketech/claude_kit

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT