Run this helper free — no credit card
Every helper is free for 30 days. Answer 3 questions and get the full result in 2 minutes.
Start free →Terrashark: Failure-Mode Workflow for Terraform/OpenTofu
Prevent costly IaC hallucinations with systematic failure diagnosis
❌ Terraform/OpenTofu code generates infrastructure mistakes that escape review and cause outages, data loss, or security breaches.
✅ Users diagnose and fix five critical failure modes before deployment: identity churn, secret exposure, blast-radius mistakes, CI drift, and compliance gaps.
- ✓Capture execution context: runtime, providers, backend, CI path, environment
- ✓Diagnose identity churn: credential rotation, assume-role loops, MFA lockout
- ✓Detect secret exposure: hardcoded passwords, unencrypted state, log leaks
- ✓Calculate blast radius: resource dependencies, cross-account blast, rollback safety
- ✓Identify CI drift: plan-apply desync, state locking, concurrent runs
👁 2 views · 📦 0 installs
Free to install — no account needed
Copy the command below and paste into your agent.
Instant access • No coding needed • No account needed
What you get in 5 minutes
- Full skill code ready to install
- Works with 4 AI agents
- Lifetime updates included
Run this helper
Answer a few questions and let this helper do the work.
▸Advanced: use with your AI agent
Description
--- name: terrashark description: "Prevent Terraform/OpenTofu hallucinations by diagnosing and fixing failure modes: identity churn, secret exposure, blast-radius mistakes, CI drift, and compliance gate gaps. Use when generating, reviewing, refactoring, or migrating IaC and when building delivery/testing pipelines." --- # Terrashark: Failure-Mode Workflow for Terraform/OpenTofu Run this workflow top to bottom. ## 1) Capture execution context Record before writing code: - runtime (`terraform` or `tofu`) and exact version - provider(s), target platform, and state backend - execution path (local CLI, CI, HCP Terraform/TFE, Atlantis) - environment criticality (dev/shared/prod) If unknown, state assumptions explicitly. ## 2) Diagnose likely failure mode(s) Select one or more based on user intent and risk: - identity churn: resource addressing instability, refactor breakage - secret exposure: secrets in state, logs, defaults, artifacts - blast radius: oversized stacks, weak boundaries, unsafe applies - CI drift: version mismatch, unreviewed applies, missing artifacts - compliance gate gaps: missing policies/approvals/audit controls ## 3) Load only the relevant reference file(s) Primary references: - `references/identity-churn.md` - `references/secret-exposure.md` - `references/blast-radius.md` - `references/ci-drift.md` - `references/compliance-gates.md` Supplemental references (only when needed): - `references/testing-matrix.md` - `references/quick-ops.md` - `references/examples-good.md` - `references/examples-bad.md` - `references/examples-neutral.md` - `references/coding-standards.md` - `references/module-architecture.md` - `references/ci-delivery-patterns.md` - `references/security-and-governance.md` - `references/do-dont-patterns.md` - `references/mcp-integration.md` ## 4) Propose fix path with explicit risk controls For each fix, include: - why this addresses the failure mode - what could still go wrong - guardrails (tests, approvals, rollback) ## 5) Generate implementation artifacts When applicable, output: - HCL changes (typed vars, stable keys, bounded versions) - migration blocks (`moved`, import strategy) - CI pipeline updates (plan/apply separation, artifacts, policy checks) - compliance controls (approvals, policy rules, evidence paths) ## 6) Validate before finalize Always provide command sequence tailored to runtime and risk tier. Never recommend direct production apply without reviewed plan and approval. ## 7) Output contract Return: - assumptions and version floor - selected failure mode(s) - chosen remediation and tradeoffs - validation/test plan - rollback/recovery notes for destructive-impact changes
Security Status
Verified
Manually verified by security team
Related AI Tools
More Save Money tools you might like
Family History Research Planning Skill
FreeProvides assistance with planning family history and genealogy research projects.
Run freeNaming Skill
FreeName products, SaaS, brands, open source projects, bots, and apps. Use when the user needs to name something, find a brand name, or pick a product name. Metaphor-driven process that produces memorable, meaningful names and avoids AI slop.
Run freeProfit Margin Calculator
Free during launchNormally $8Find hidden profit leaks — see exactly where your money goes
Run freeguard-scanner
Free"Security scanner and runtime guard for OpenClaw skills, MCP servers, and AI agent workflows. Detects prompt injection, identity hijacking, memory poisoning, A2A contagion, secret leaks, supply-chain abuse, and dangerous tool calls with 364 static th
Run freeLife OS · Personal Decision Engine
Free"A personal decision engine with 16 independent AI agents, checks and balances, and swappable cultural themes. Covers relationships, finance, learning, execution, risk control, health, and infrastructure. Use when facing complex personal decisions (c
Run freebbc-skill — Bilibili Comment Collector
FreeFetch Bilibili (哔哩哔哩) video comments for UP主 self-analysis. Use when the user asks to collect, download, export, or analyze comments on a Bilibili video (BV号 / URL / UID). Produces JSONL + summary.json suitable for further Claude Code analysis (senti
Run free