SkillHub
SkillHubagent skills marketplace
Menu
All SkillsStacksKOLHotRankings
Sign inGet Pro
Back to skills
SkillHub ClubRun DevOpsDevOpsSecurity

iac-checkov

Infrastructure as Code (IaC) security scanning using Checkov with 750+ built-in policies for Terraform, CloudFormation, Kubernetes, Dockerfile, and ARM templates. Use when: (1) Scanning IaC files for security misconfigurations and compliance violations, (2) Validating cloud infrastructure against CIS, PCI-DSS, HIPAA, and SOC2 benchmarks, (3) Detecting secrets and hardcoded credentials in IaC, (4) Implementing policy-as-code in CI/CD pipelines, (5) Generating compliance reports with remediation guidance for cloud security posture management.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars
77
Hot score
93
Updated
March 20, 2026
Overall rating
C3.0
Composite score
3.0
Best-practice grade
B75.6

Install command

npx @skill-hub/cli install agentsecops-secopsagentkit-iac-checkov
iaccheckovterraformkubernetescloudformationcompliancepolicy-as-codecloud-security

Repository

AgentSecOps/SecOpsAgentKit

Skill path: skills/devsecops/iac-checkov

Infrastructure as Code (IaC) security scanning using Checkov with 750+ built-in policies for Terraform, CloudFormation, Kubernetes, Dockerfile, and ARM templates. Use when: (1) Scanning IaC files for security misconfigurations and compliance violations, (2) Validating cloud infrastructure against CIS, PCI-DSS, HIPAA, and SOC2 benchmarks, (3) Detecting secrets and hardcoded credentials in IaC, (4) Implementing policy-as-code in CI/CD pipelines, (5) Generating compliance reports with remediation guidance for cloud security posture management.

Open repository

Best for

Primary workflow: Run DevOps.

Technical facets: DevOps, Security.

Target audience: Devsecops teams looking for install-ready agent workflows..

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: AgentSecOps.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install iac-checkov into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/AgentSecOps/SecOpsAgentKit before adding iac-checkov to shared team environments
  • Use iac-checkov for devsecops workflows

Works across

Claude CodeCodex CLIGemini CLIOpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

iac-checkov | SkillHub