Notre avis
Réalise une revue approfondie de l'infrastructure en appliquant six checklists couvrant IaC, CI/CD, déploiements, migrations, logging et observabilité.
Points forts
- Application systématique de multiples checklists spécialisées
- Détection des erreurs de configuration de sécurité et des risques opérationnels
- Évaluation de l'impact potentiel en production (blast radius)
Limites
- Nécessite que les fichiers d'infrastructure soient modifiés dans le working tree
- Dépend de la qualité des checklists fournies
- Peut être lent sur de gros changements
Quand des modifications d'infrastructure (Terraform, CI/CD, migrations, etc.) sont dans la working tree et nécessitent une revue systématique avant déploiement.
Pour des changements purement applicatifs sans impact sur l'infrastructure ou l'observabilité.
Analyse de sécurité
SûrThe skill instructs spawning a review agent with defined checklists; it does not execute any system commands or handle sensitive data unsafely.
Aucun point d'attention détecté
Exemples
Run an infrastructure-focused review using the senior-review-specialist agent. Apply all 6 checklists on the current working tree changes.Review the CI/CD pipeline changes in the working tree for security misconfigurations and deployment risks.Perform an infrastructure review focusing on logging, alerting, and rollback capabilities for the current changes.name: review:infra description: Infrastructure-focused review covering IaC, CI/CD, releases, migrations, logging, and observability. Spawns the senior-review-specialist agent for infrastructure analysis.
Infrastructure Code Review
Run an infrastructure-focused review using 6 infrastructure checklists via the senior-review-specialist agent.
Instructions
Spawn the senior-review-specialist agent to perform this review.
Checklists to Apply
Load and apply these review checklists:
commands/review/infra.md- Deployment config, least privilege, operational claritycommands/review/ci.md- Pipeline security, deployment safetycommands/review/release.md- Versioning, rollout, migration, rollbackcommands/review/migrations.md- Database migration safetycommands/review/logging.md- Secrets exposure, PII leaks, wide-eventscommands/review/observability.md- Logs, metrics, tracing, alertability
Agent Instructions
The agent should:
- Get working tree changes: Run
git diffto see all changes - Identify infrastructure files:
- Terraform, CloudFormation, Kubernetes manifests
- CI/CD pipelines (GitHub Actions, GitLab CI, etc.)
- Migration files, deployment scripts
- Logging and monitoring configuration
- For each changed file:
- Read the full file content
- Go through each diff hunk
- Apply all 6 infrastructure checklists
- Look for security misconfigurations and operational risks
- Cross-reference related files: Check environment configs, secrets handling
- Assess blast radius: What could go wrong in production?
Output Format
Generate an infrastructure review report with:
- Critical Issues (BLOCKER): Security misconfigurations, deployment risks
- High Priority Issues: Missing guardrails, cost explosions
- Medium Priority Issues: Observability gaps, operational hazards
- Infrastructure Map: Components, dependencies, deployment topology
- Operational Readiness: Logging, alerting, rollback capabilities
- File Summary: Infrastructure issues per file
- Overall Assessment: Production readiness recommendation
Architecte Docker Compose
DevOps
Concoit des configurations Docker Compose optimisees.
Rapport de Post-Mortem
DevOps
Rédige des rapports post-mortem d'incidents structurés et blameless.
Créateur de Runbooks
DevOps
Crée des runbooks opérationnels clairs pour les procédures DevOps courantes.