Terraform State Drift Detector

Detects infrastructure drift by running terraform plan -detailed-exitcode and parsing the JSON output via terraform show -json. Categorizes drift by resource type and generates targeted terraform apply plans for reconciliation.

Runbooks & Diagnostics OpenClaw Security Reviewed
Tool match: terraform (48.1k GitHub stars)
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill terraform-state-drift-detector
Works best when you want a reusable capability, not another fragile one-off prompt.
Last updated: Mar 20, 2026
Quick brief

Terraform State Drift Detector identifies discrepancies between your Terraform state and actual cloud infrastructure to prevent configuration drift.

How it works

The skill runs terraform plan -detailed-exitcode to detect changes, then parses the structured output via terraform show -json to categorize and prioritize drift by resource type, severity, and blast radius.

Key Features

  • Drift categorization by resource type (compute, network, IAM, storage) with severity scoring
  • Blast radius analysis estimating the impact of reconciliation applies
  • Selective reconciliation plans using terraform apply -target for surgical fixes
  • Support for Terraform workspaces, remote backends (S3, GCS, Azure Blob), and Terraform Cloud

Scheduling

Designed for scheduled drift detection runs. Maintains a drift history log for trend analysis. Alerts on critical drift like IAM policy changes or security group modifications. Compatible with OpenTofu and Terragrunt configurations.
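
The parsing and categorization step described under "How it works", as an added example that is not the skill's own code: it reads the resource_changes and resource_drift arrays of terraform show -json output, which is worth doing once terraform plan -detailed-exitcode has returned 2 (changes present). The AWS type-prefix mapping, the severity rules and the helper names are assumptions, and the sample plan is constructed.

```python
import json

# Assumed AWS type prefixes for the page's four categories (illustrative, not exhaustive).
CATEGORIES = {
    "iam": ("aws_iam_",),
    "network": ("aws_security_group", "aws_vpc", "aws_subnet", "aws_route"),
    "compute": ("aws_instance", "aws_autoscaling_", "aws_lambda_"),
    "storage": ("aws_s3_", "aws_ebs_", "aws_db_"),
}
CRITICAL = ("aws_iam_", "aws_security_group")  # assumed alerting policy
RANK = {"critical": 0, "high": 1, "medium": 2}

def categorize(rtype):
    return next((c for c, p in CATEGORIES.items() if rtype.startswith(p)), "other")

def summarize_drift(plan_json):
    """Findings from `terraform show -json <planfile>`, most severe first."""
    plan = json.loads(plan_json)
    # resource_drift lists objects that changed outside Terraform.
    drifted = {r["address"] for r in plan.get("resource_drift", [])}
    findings = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if not actions or actions in (["no-op"], ["read"]):
            continue  # nothing to reconcile
        rtype = rc["type"]
        if rtype.startswith(CRITICAL):
            severity = "critical"
        else:
            severity = "high" if "delete" in actions else "medium"
        findings.append({"address": rc["address"], "category": categorize(rtype),
                         "actions": actions, "severity": severity,
                         "out_of_band": rc["address"] in drifted})
    return sorted(findings, key=lambda f: (RANK[f["severity"]], f["address"]))

def target_args(findings, severity="critical"):
    """Arguments for a selective `terraform apply -target=...` run."""
    return [f"-target={f['address']}" for f in findings if f["severity"] == severity]

# Constructed sample in the shape of the plan JSON; not real infrastructure.
SAMPLE_PLAN = json.dumps({"resource_drift": [
    {"address": "aws_security_group.web", "type": "aws_security_group",
     "change": {"actions": ["update"]}}],
  "resource_changes": [
    {"address": "aws_security_group.web", "type": "aws_security_group", "change": {"actions": ["update"]}},
    {"address": "aws_instance.app", "type": "aws_instance", "change": {"actions": ["delete", "create"]}},
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "change": {"actions": ["no-op"]}},
    {"address": "aws_iam_role_policy.ci", "type": "aws_iam_role_policy", "change": {"actions": ["update"]}}]})
```

The out_of_band flag separates changes made outside Terraform from ordinary configuration edits, which is the distinction a drift alert on IAM or security group resources needs.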