← 返回 Skills 市场
alirezarezvani

Terraform Patterns

作者 Alireza Rezvani · GitHub ↗ · v2.1.1 · MIT-0
cross-platform ⚠ suspicious
240
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install terraform-patterns
功能描述
Terraform infrastructure-as-code agent skill and plugin for Claude Code, Codex, Gemini CLI, Cursor, OpenClaw. Covers module design patterns, state management...
安全使用建议
This skill appears to do what it says (Terraform code review and security scanning) and bundles two Python scripts for local analysis. Before installing or running it: 1) Review the two scripts yourself — they run locally and use only the standard library, but inspecting them confirms there are no hidden network calls. 2) Make sure the agent/environment has python3 available (the SKILL.md calls 'python3' but the skill metadata doesn't declare it). 3) Run the scanner only against repositories you control or that do not contain production secrets — the scanner's reports include matched lines and can contain access keys, passwords, or tokens. 4) If you plan to use this in an automated/remote agent, ensure reports are not automatically uploaded to external services or logged where third parties can access them. 5) Prefer skills with a known source/homepage or run the scripts in an isolated environment (local VM or container) if the author is unknown. If you can get confirmation that the skill will redact or redact-sensitive findings and/or the metadata is updated to list python3 as a required binary, I would raise confidence and consider the package coherent.
功能分析
Type: OpenClaw Skill Name: terraform-patterns Version: 2.1.1 The terraform-patterns skill bundle is a legitimate toolset for auditing and designing Terraform infrastructure. It includes two Python scripts, tf_module_analyzer.py and tf_security_scanner.py, which perform local static analysis on .tf files using regular expressions to identify security risks (like hardcoded AWS keys or open security groups) and structural anti-patterns. The bundle contains no evidence of data exfiltration, malicious execution, or harmful prompt-injection instructions, and its behavior is entirely consistent with its stated purpose of improving IaC quality.
能力评估
Purpose & Capability
Name/description match what the included files do: two local Python scanners and a large SKILL.md with checklists. However the skill calls 'python3 scripts/...' but the registry metadata does not declare Python (or any required binary). This is a provenance/packaging omission — Python is required to run the provided scripts.
Instruction Scope
Runtime instructions explicitly tell the agent to read all .tf files in a target directory and run the two scanner scripts. That is expected for a Terraform reviewer, but the SKILL.md does not describe how sensitive findings are handled. The security scanner returns matched lines (which can include hardcoded access keys, secrets, or passwords), and the instructions do not instruct redaction or limits on where to scan. This raises risk of unintentionally exposing secrets in reports.
Install Mechanism
No install spec is present and all code is bundled with the skill (two Python scripts plus reference docs). There are no external downloads or installers. This lowers remote code-install risk, but it still requires an execution environment (python3).
Credentials
The skill requests no environment variables or credentials. That is appropriate. However the scanner is specifically designed to detect hardcoded credentials in Terraform files and will include matched snippets in findings. Because it will read local files containing secrets, users should be aware reports may contain sensitive values.
Persistence & Privilege
The skill is not always-enabled and does not request elevated privileges or modify other skills. It runs on-demand and has no install hooks or persistent background components.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install terraform-patterns
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /terraform-patterns 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.1
v2.1.1: optimization, reference splits
元数据
Slug terraform-patterns
版本 2.1.1
许可证 MIT-0
累计安装 2
当前安装数 2
历史版本数 1
常见问题

Terraform Patterns 是什么?

Terraform infrastructure-as-code agent skill and plugin for Claude Code, Codex, Gemini CLI, Cursor, OpenClaw. Covers module design patterns, state management... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 240 次。

如何安装 Terraform Patterns?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install terraform-patterns」即可一键安装,无需额外配置。

Terraform Patterns 是免费的吗?

是的,Terraform Patterns 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Terraform Patterns 支持哪些平台?

Terraform Patterns 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Terraform Patterns?

由 Alireza Rezvani(@alirezarezvani)开发并维护,当前版本 v2.1.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论