terrashark

Featured

Prevent Terraform/OpenTofu hallucinations by diagnosing and fixing failure modes: identity churn, secret exposure, blast-radius mistakes, CI drift, and compliance gate gaps. Use when generating, reviewing, refactoring, or migrating IaC and when building delivery/testing pipelines.

DevOps & Infrastructure 429 stars 19 forks Updated yesterday MIT

Install

View on GitHub

Quality Score: 91/100

Stars 20%

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# Terrashark: Failure-Mode Workflow for Terraform/OpenTofu Run this workflow top to bottom. ## 1) Capture execution context Record before writing code: - runtime (`terraform` or `tofu`) and exact version - provider(s), target platform, and state backend - execution path (local CLI, CI, HCP Terraform/TFE, Atlantis) - environment criticality (dev/shared/prod) If unknown, state assumptions explicitly. ## 2) Diagnose likely failure mode(s) Select one or more based on user intent and risk: - identity churn: resource addressing instability, refactor breakage - secret exposure: secrets in state, logs, defaults, artifacts - blast radius: oversized stacks, weak boundaries, unsafe applies - CI drift: version mismatch, unreviewed applies, missing artifacts - compliance gate gaps: missing policies/approvals/audit controls ## 3) Load only the relevant reference file(s) Primary references: - `references/identity-churn.md` - `references/secret-exposure.md` - `references/blast-radius.md` - `references/ci-drift.md` - `references/compliance-gates.md` Supplemental references (only when needed): - `references/testing-matrix.md` - `references/quick-ops.md` - `references/examples-good.md` - `references/examples-bad.md` - `references/examples-neutral.md` - `references/coding-standards.md` - `references/module-architecture.md` - `references/ci-delivery-patterns.md` - `references/security-and-governance.md` - `references/do-dont-patterns.md` - `references/mcp-integration.md` Conditional ref...

Details

Author: LukasNiessen
Repository: LukasNiessen/terrashark
Created: 3 months ago
Last Updated: yesterday
Language: N/A
License: MIT

Integrates with

Google Cloud · Cloud Azure · Cloud Terraform · Infrastructure

Similar Skills

Semantically similar based on skill content — not just same category

DevOps & Infrastructure Solid

terraform-iac-expert

Terraform and OpenTofu infrastructure as code — module design, state management, multi-environment setups, remote backends, secrets management, CI/CD integration. NOT for Pulumi, CDK, Ansible, or Kubernetes manifests.

108 Updated 3 weeks ago

curiositech

DevOps & Infrastructure Solid

terraform-skill

Use when working with Terraform or OpenTofu - creating modules, writing tests (native test framework, Terratest), setting up CI/CD pipelines, reviewing configurations, choosing between testing approaches, debugging state issues, implementing security scanning (trivy, checkov), or making infrastructure-as-code architecture decisions

1,907 Updated yesterday

antonbabenko

DevOps & Infrastructure Solid

drift-detector

Detect infrastructure drift between Terraform state and actual cloud resources. Identifies unmanaged resources, manual changes, and configuration drift. Use when: - User asks to check for infrastructure drift - User wants to find unmanaged cloud resources - User mentions "drift detection" or "Terraform drift" - User asks to compare cloud state to IaC - User wants to audit infrastructure changes

37 Updated 4 days ago

snyk

Testing & QA Solid

test-harness-auditor

This skill should be used when auditing a repo's test, lint, type-check, static analysis, build, and debug infrastructure for AI coding agents. Use when entering a new repo, when asked to 'audit tests', 'audit harness', 'check test infrastructure', 'lint audit', 'what testing tools are configured', or when a repo has no .claude/lint-rules.json. Generates optimized configs for the lint-on-write hook.

32 Updated yesterday

tdimino