
infra-audit

Infrastructure and CI/CD security audit - GitHub Actions workflows (pwn-request, secret logging, missing pinning, permissions overreach), Dockerfile (latest tag, USER root, ADD on URL), Kubernetes manifests (runAsNonRoot, privileged containers, hostNetwork), Terraform (IAM wildcards, state in git, module pinning), GitLab CI equivalent checks. Stack-agnostic.
marcoguillermaz/claude-dev-kit · ★ 3 · DevOps & Infrastructure · score 75
Install: claude install-skill marcoguillermaz/claude-dev-kit
## Scope for v1

- **Static analysis only.** Parses workflow files, Dockerfiles, K8s manifests, Terraform files, and GitLab CI configs on disk. Does not execute workflows, does not connect to cloud providers, does not validate runtime state.
- **Five layers**: GitHub Actions, Dockerfile, Kubernetes manifest, Terraform, GitLab CI. Each layer runs only if its markers are detected (see Step 1) - no noisy N/A sections for layers that don't apply.
- **Stack-agnostic**: the detected backend language / framework does NOT affect which checks run. Infrastructure is orthogonal to application stack.

---

## Configuration (adapt before first run)

> Replace these placeholders:
> - `[WORKFLOWS_PATH]` - GitHub Actions workflows (default: `.github/workflows/`)
> - `[DOCKERFILE_PATH]` - Dockerfile location if non-standard (default: `Dockerfile` at repo root)
> - `[K8S_PATH]` - Kubernetes manifest directory (default: `k8s/`, `deploy/`, `manifests/` - auto-detect)
> - `[TERRAFORM_PATH]` - Terraform directory (default: `terraform/`, `infra/`, `iac/` - auto-detect)
> - `[GITLAB_CI_PATH]` - GitLab CI config (default: `.gitlab-ci.yml` at repo root)

---

## Step 0 - Target and mode resolution

Parse `$ARGUMENTS` for `target:` or `mode:` tokens.

| Pattern | Meaning |
|---|---|
| `target:layer:<gha\|docker\|k8s\|terraform\|gitlab>` | Audit only one layer |
| `target:file:<glob>` | Audit a specific file or glob |
| `mode:all` / no argument | **Full audit - every layer whose markers are detected in
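As an added illustration (not the skill's own code), a dependency-free, line-based Python checker for four of the GitHub Actions findings named above: pwn-request, secret logging, missing pinning and permissions overreach. The finding ids, the sample workflow and the 40-hex pin are constructed for this example.

```python
import re

SHA40 = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample workflow (not from any real repository); trips every check.
SAMPLE_WORKFLOW = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
permissions: write-all
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - run: echo "token=${{ secrets.NPM_TOKEN }}"
"""

def audit_workflow(text: str) -> list[str]:
    """Line-based static checks; returns sorted finding ids for one workflow."""
    lines = text.splitlines()
    findings = set()
    # pwn-request: pull_request_target (runs with base-repo secrets and token)
    # combined with checking out the untrusted PR head.
    triggered = any(re.match(r"^\s*(-\s*)?pull_request_target\b", ln) or
                    re.match(r"^\s*on:.*\bpull_request_target\b", ln) for ln in lines)
    pr_head = any(re.match(r"^\s*ref:\s*\$\{\{\s*github\.(event\.pull_request\.head|head_ref)", ln)
                  for ln in lines)
    if triggered and pr_head:
        findings.add("pwn-request")
    # missing pinning: remote actions must be pinned to a full 40-hex commit SHA.
    for m in re.finditer(r"^\s*-?\s*uses:\s*([^\s#]+)", text, re.M):
        spec = m.group(1)
        if not spec.startswith(("./", "docker://")) and not SHA40.match(spec.partition("@")[2]):
            findings.add("unpinned-action")
    # permissions overreach: write-all, or no block (repo default applies to GITHUB_TOKEN).
    if re.search(r"^\s*permissions:\s*write-all\s*$", text, re.M):
        findings.add("permissions-write-all")
    elif not re.search(r"^\s*permissions:", text, re.M):
        findings.add("permissions-missing")
    # secret logging: a secrets.* expression echoed from a run step.
    if re.search(r"^\s*-?\s*run:.*\becho\b.*\$\{\{\s*secrets\.", text, re.M):
        findings.add("secret-logged")
    return sorted(findings)
```

Run `audit_workflow(SAMPLE_WORKFLOW)` to see all four findings; a workflow with a `pull_request` trigger, a `permissions:` block and SHA-pinned actions returns an empty list.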