Loading...
Loading...
Found 67 Skills
Infrastructure as code with OpenTofu (open-source Terraform fork) and Pulumi. Covers OpenTofu HCL syntax, providers, resources, data sources, modules, state management with remote backends, workspaces, importing existing infrastructure, plan/apply workflow, variable management, output values, provisioners, and state encryption (OpenTofu-exclusive). Includes Pulumi TypeScript/Python SDKs, stack management, component resources, config/secrets, state backends, policy as code, and automation API. Common patterns for multi-environment setups, module composition, CI/CD integration, drift detection, and secret management. Use when writing or reviewing HCL configurations, managing cloud infrastructure state, migrating from Terraform to OpenTofu, building Pulumi programs in TypeScript or Python, setting up multi-environment IaC pipelines, or implementing state encryption.
Use when assessing cloud infrastructure for security misconfigurations, IAM privilege escalation paths, S3 public exposure, open security group rules, or IaC security gaps. Covers AWS, Azure, and GCP posture assessment with MITRE ATT&CK mapping.
Manage Harness Infrastructure as Code Management (IaCM) via MCP. Configure Terraform workspaces with remote state and RBAC, set up continuous drift detection with auto-remediation, design multi-tier change approval workflows, and estimate infrastructure costs before deployment. Use when asked to manage Terraform workspaces, detect infrastructure drift, set up approval workflows for infrastructure changes, or estimate Terraform costs. Do NOT use for creating Harness infrastructure definitions (use create-infrastructure instead) or OPA policies (use create-policy instead). Trigger phrases: terraform, workspace, drift detection, infrastructure cost, IaCM, state management, change approval, terraform plan, infracost, infrastructure governance.
Discover existing cloud resources using Terraform Search queries and bulk import them into Terraform management. Use when bringing unmanaged infrastructure under Terraform control, auditing cloud resources, or migrating to IaC.
Define your organization's platform engineering standards by generating a Platform-Engineering-Constitution.md. Use when establishing or updating cloud infrastructure policies, approved tooling, compute platforms, and IaC conventions.
Expert cloud architect specializing in AWS/Azure/GCP multi-cloud infrastructure design, advanced IaC (Terraform/OpenTofu/CDK), FinOps cost optimization, and modern architectural patterns. Masters serverless, microservices, security, compliance, and disaster recovery. Use PROACTIVELY for cloud architecture, cost optimization, migration planning, or multi-cloud strategies.
Platform-specific IaC checklists for DigitalOcean, Hetzner, AWS, and Cloudflare.
Use this skill whenever writing, reviewing, or refactoring Terraform code that provisions Azure resources. The skill enforces Microsoft Cloud Security Benchmark (MCSB) controls, CIS Azure Foundations Benchmark v2.0 rules, Azure Well-Architected Framework Security Pillar recommendations, and all Terraform IaC best practices that prevent Microsoft Defender for Cloud security recommendations from being raised. Activate whenever the user mentions Azure, azurerm provider, ARM, Defender for Cloud, Terraform on Azure, AKS, App Service, Storage, Key Vault, SQL, PostgreSQL, MySQL, Redis, Service Bus, Event Hub, Cosmos DB, API Management, or any Azure PaaS in a Terraform context — even if they don't explicitly ask about security or MDC.
Proactive security scanning for newly generated or modified code. Intelligently detects changes, runs appropriate scans (SAST, SCA, IaC), filters to only NEW issues, and prevents vulnerabilities at the source. Use this skill when: - Agent generates new code files - Agent modifies existing code - User asks to "scan for security issues" or "check my changes" - Before committing changes - User mentions "secure at inception", "proactive scan", or "security check"
Terraform and Infrastructure as Code optimization guidelines from Terramate. This skill should be used when writing, reviewing, or refactoring Terraform/OpenTofu code to ensure optimal patterns for security, maintainability, and reliability. Triggers on tasks involving Terraform modules, infrastructure provisioning, state management, or IaC optimization.
Alchemy IaC framework for TypeScript. Use when the user mentions Alchemy, wants to set up infrastructure, deploy Cloudflare Workers, configure databases, KV, R2, queues, use bindings and secrets, set up dev mode, use framework adapters (Vite, Astro, React Router, SvelteKit, Nuxt, TanStack Start), create custom resources, or work with any Alchemy provider.
Cloud: serverless Lambda/CF Workers, edge, CDN, multi-region, HA patterns, IaC Terraform