infra-sage
by consigcody94
Overview
AI-powered management of Terraform infrastructure, automating tasks like module generation, configuration validation, change planning, resource listing, and drift detection.
Installation
node /absolute/path/to/infra-sage/build/index.jsEnvironment Variables
- TERRAFORM_DIR
Security Notes
The server executes `terraform` commands using `child_process.exec`, which runs commands via a shell. The `plan_changes` tool directly interpolates user-provided `varFile` and `target` parameters into the shell command string without sanitization or proper escaping. This creates a critical shell injection vulnerability where a malicious user could craft an argument (e.g., in `target`) to execute arbitrary shell commands on the host system. The `execAsync` function should ideally use `child_process.spawn` with arguments passed as an array to prevent shell interpretation, or meticulously sanitize inputs if `exec` is necessary.
Similar Servers
terraform-mcp-server
Provides seamless integration with Terraform Registry APIs and HCP Terraform/Terraform Enterprise APIs, enabling AI assistants/LLMs to generate high-quality Terraform code and automate IaC workflows.
tfmcp
A CLI tool and MCP server that enables LLMs to analyze, manage, and operate Terraform configurations and infrastructure environments.
mcp-kubernetes
Enables AI assistants to interact with and debug Kubernetes clusters by translating natural language requests into Kubernetes operations.
mcp-ssh-orchestrator
Provides secure, policy-driven SSH orchestration for AI agents to manage server infrastructure with audit logging, enforcing zero-trust principles.