terraform-guardrail
Verified Safeby imnumb1
Overview
Simplifies Terraform code management, generation, and compliance checking across multiple cloud providers.
Installation
terraform-guardrail mcpSecurity Notes
The application is designed with a strong security focus, primarily to identify security risks like hardcoded secrets and sensitive data in Terraform configurations and state files. No 'eval' or similar dangerous patterns were found. Network requests are made to the official Terraform Registry for provider metadata, with a timeout, which is a standard and expected interaction. File I/O for uploaded files in the web UI uses temporary directories. The use of `subprocess.run` to invoke the `terraform` CLI for schema validation is a legitimate function of the tool, assuming the installed `terraform` CLI itself is trusted. The project actively aims to improve the security posture of Terraform workflows rather than introducing new vulnerabilities.
Similar Servers
terraform-mcp-server
Provides seamless integration with Terraform Registry APIs and HCP Terraform/Terraform Enterprise APIs, enabling AI assistants/LLMs to generate high-quality Terraform code and automate IaC workflows.
tfmcp
A CLI tool and MCP server that enables LLMs to analyze, manage, and operate Terraform configurations and infrastructure environments.
diagram-mcp-server
Generates infrastructure diagrams from Python code or Infrastructure-as-Code (IaC) files across various cloud providers and on-premises environments.
llms
A centralized configuration and documentation management system for LLMs, providing tools for building skills, commands, agents, prompts, and managing MCP servers across multiple LLM providers.