Security Audit
Helps with security and auditing as part of implementing security and authentication workflows.
Install on your platform
Run in terminal (recommended)
claude mcp add terraphim-security-audit npx -- -y @trustedskills/terraphim-security-audit
Or manually add to ~/.claude/settings.json
{
  "mcpServers": {
    "terraphim-security-audit": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/terraphim-security-audit"
      ]
    }
  }
}
Requires Claude Code (claude CLI). Run claude --version to verify your install.
About This Skill
What it does
The terraphim-security-audit skill performs automated security audits of Terraform configurations. It identifies potential vulnerabilities and misconfigurations based on established best practices and security benchmarks. The audit results are presented in a clear, actionable format to help users improve their infrastructure security posture.
When to use it
- Before deploying infrastructure: Ensure your Terraform code is secure before provisioning resources in any environment.
- During routine maintenance: Regularly scan existing infrastructure configurations for newly discovered vulnerabilities.
- After making changes to Terraform code: Verify that modifications haven't introduced new security risks.
- As part of a CI/CD pipeline: Integrate the skill into your automated workflows to enforce consistent security standards.
Key capabilities
- Automated vulnerability scanning
- Terraform configuration analysis
- Security benchmark checks
- Actionable audit reports
Example prompts
- "Audit this Terraform code for potential vulnerabilities: [paste terraform code]"
- "Run a security audit on my infrastructure configuration and report any findings."
- "Check this Terraform file against CIS best practices."
Tips & gotchas
The skill requires access to the Terraform configuration files being audited. Ensure the AI agent has appropriate permissions to read these files for accurate results.
TrustedSkills Verification
Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.
Security Audits
| Gen Agent Trust Hub | Pass |
| Socket | Pass |
| Snyk | Pass |
🌐 Community
Passed automated security scans.