ClawHub

Terraform Engineer

v0.1.0

Use when implementing infrastructure as code with Terraform across AWS, Azure, or GCP. Invoke for module development, state management, provider configuration, multi-environment workflows, infrastructure testing.

2· 3k·14 current·14 all-time
byVeera@veeramanikandanr48
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md and the reference files all focus on Terraform module design, state, providers, testing and best practices. There are no unrelated binaries, environment variables, installs, or config paths requested — the requested surface is proportional to a Terraform guidance skill.
Instruction Scope
The runtime instructions define a senior Terraform role, workflows, templates and point to internal reference documents; they do not instruct the agent to read arbitrary system files, exfiltrate data, or call unexpected external endpoints. The guidance to configure backends/providers and to run terraform plan/apply is within the stated scope.
Install Mechanism
No install spec or code files that would write or execute downloaded artifacts are present — this is instruction-only, which minimizes install-time risk.
Credentials
The skill does not declare required env vars or credentials, but the reference docs legitimately show common Terraform authentication methods (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY, shared credentials file, GOOGLE_APPLICATION_CREDENTIALS, service principal client_secret, etc.) and example paths (e.g. ~/.aws/credentials, service-account-key.json). Those examples are expected for Terraform work, but they imply the agent or user will need to provide cloud credentials when performing real operations — so users must avoid exposing long‑lived secrets or pasting credentials into chat.
Persistence & Privilege
The skill is not always-enabled and requests no persistent system privileges. It is user-invocable and can be called autonomously by the agent (platform default), but it does not modify other skills or system-wide config.
Assessment
This skill is a coherent, instruction-only Terraform specialist — it itself does not request credentials or install code, but following its guidance (configuring providers, remote backends, running terraform apply/tests) will require cloud credentials and access to state storage. Before using it: (1) never paste long-lived secrets or private keys into chat; prefer short-lived credentials, assume-role/session tokens, or managed identities; (2) review any generated Terraform code and backend configs before running terraform init/plan/apply; (3) run operations in an isolated/test environment first and avoid automatic 'apply' without human review; (4) ensure remote state access is tightly scoped (least privilege) and state buckets are encrypted and versioned; (5) if connecting CI, use secrets stored in your CI's secret manager rather than exposing them to the agent. If you want a higher-assurance review, provide samples of the Terraform code the skill would generate so you can inspect the exact changes before applying.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e03d270taj0vcmzr1mtep15808j4y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments