terraform-style-guide

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Full Analysis
  • Standard Tooling and Validation: The skill recommends using industry-standard tools for Terraform configuration management, including terraform fmt for formatting, terraform validate for syntax checking, and security scanners like tflint, checkov, and tfsec to identify potential misconfigurations.
  • Secret Management Best Practices: The instructions explicitly advise against hardcoding credentials or secrets in code. They correctly identify sensitive files like terraform.tfstate and .tfvars that should be excluded from version control, and they demonstrate the use of the sensitive = true attribute for variables and outputs containing secret data.
  • Security Hardening Guidelines: The skill provides clear guidance on applying security best practices during resource creation, such as enabling encryption at rest, configuring private networking, and implementing the principle of least privilege for security groups.
  • Secure Configuration Examples: The provided HCL examples, such as the secure S3 bucket configuration, follow security best practices by including versioning, server-side encryption with KMS, and public access blocks.
  • Vendor-Aligned Guidance: The content is aligned with official documentation from HashiCorp and references legitimate developer resources.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 02:24 PM