Our review
Performs an in-depth infrastructure review by applying six checklists covering IaC, CI/CD, deployments, migrations, logging, and observability.
Strengths
- Systematic application of multiple specialized checklists
- Detection of security misconfigurations and operational risks
- Assessment of production blast radius
Limitations
- Requires infrastructure files to be modified in the working tree
- Depends on the quality of the provided checklists
- Can be slow for large changes
When infrastructure changes (Terraform, CI/CD, migrations, etc.) are in the working tree and need a systematic review before deployment.
For purely application-level changes with no infrastructure or observability impact.
Security analysis
SafeThe skill instructs spawning a review agent with defined checklists; it does not execute any system commands or handle sensitive data unsafely.
No concerns found
Examples
Run an infrastructure-focused review using the senior-review-specialist agent. Apply all 6 checklists on the current working tree changes.Review the CI/CD pipeline changes in the working tree for security misconfigurations and deployment risks.Perform an infrastructure review focusing on logging, alerting, and rollback capabilities for the current changes.name: review:infra description: Infrastructure-focused review covering IaC, CI/CD, releases, migrations, logging, and observability. Spawns the senior-review-specialist agent for infrastructure analysis.
Infrastructure Code Review
Run an infrastructure-focused review using 6 infrastructure checklists via the senior-review-specialist agent.
Instructions
Spawn the senior-review-specialist agent to perform this review.
Checklists to Apply
Load and apply these review checklists:
commands/review/infra.md- Deployment config, least privilege, operational claritycommands/review/ci.md- Pipeline security, deployment safetycommands/review/release.md- Versioning, rollout, migration, rollbackcommands/review/migrations.md- Database migration safetycommands/review/logging.md- Secrets exposure, PII leaks, wide-eventscommands/review/observability.md- Logs, metrics, tracing, alertability
Agent Instructions
The agent should:
- Get working tree changes: Run
git diffto see all changes - Identify infrastructure files:
- Terraform, CloudFormation, Kubernetes manifests
- CI/CD pipelines (GitHub Actions, GitLab CI, etc.)
- Migration files, deployment scripts
- Logging and monitoring configuration
- For each changed file:
- Read the full file content
- Go through each diff hunk
- Apply all 6 infrastructure checklists
- Look for security misconfigurations and operational risks
- Cross-reference related files: Check environment configs, secrets handling
- Assess blast radius: What could go wrong in production?
Output Format
Generate an infrastructure review report with:
- Critical Issues (BLOCKER): Security misconfigurations, deployment risks
- High Priority Issues: Missing guardrails, cost explosions
- Medium Priority Issues: Observability gaps, operational hazards
- Infrastructure Map: Components, dependencies, deployment topology
- Operational Readiness: Logging, alerting, rollback capabilities
- File Summary: Infrastructure issues per file
- Overall Assessment: Production readiness recommendation
Docker Compose Architect
DevOps
Designs optimized Docker Compose configurations.
Incident Postmortem Writer
DevOps
Writes structured and blameless incident postmortem reports.
Runbook Creator
DevOps
Creates clear operational runbooks for common DevOps procedures.