$ timeahead.in

npm

@downatthebottomofthemolehole/terraform-best-practices-mcp-server

MCP server for Terraform cost, lint, security, and cloud best-practice guidance.

github ↗

☆ Watch this server 📋 Install guide ⚡ Compare ⚑ Claim listing

50poor

▣ Score BreakdownMCPScore = Σ(raw × weight)

DimensionRawWeighted

Security

35%

100

35.0

Freshness

25%

7.5

Adoption

20%

0.0

Quality

10%

2.0

Trust

10%

5.0

Total

49.5

⚿ Capabilities & Risk Explainer

networkexecsecrets

◆ Risk level: high· 18 tools · auth: API key

network + exec + secrets active — can execute code, access credentials, and make external network calls.

Tool name	Description	Destructive?
run_tflint⚠	Run tflint against a Terraform project directory	⚠ yes
run_checkov⚠	Run checkov over a Terraform directory	⚠ yes
run_trivy⚠	Run trivy config scanning against Terraform code	⚠ yes
run_kics⚠	Run kics IaC scanning against Terraform code	⚠ yes
run_infracost⚠	Run infracost breakdown for a Terraform directory	⚠ yes

+13 more tools

fetch_terraform_best_practices⚠	Fetch Terraform best-practice guidance from terraform-best-practices.com	⚠ yes
fetch_provider_best_practices	Fetch Terraform best practices for Azure, AWS, or GCP	✓ no
fetch_terraform_registry_guidance⚠	Fetch Terraform Registry guidance for providers, resources, and modules	⚠ yes
analyze_terraform_code⚠	Analyze Terraform code structure, modularity, variables, and best practices	⚠ yes
analyze_terraform_performance⚠	Analyze Terraform code for performance risks and optimization opportunities	⚠ yes
analyze_state_management	Assess Terraform backend/state strategy and recommend safer state management patterns	✓ no
generate_cost_report	Generate a comprehensive cost report from infracost output with optimization suggestions	✓ no
generate_terraform_module_docs⚠	Generate markdown documentation for Terraform modules from source code	⚠ yes
recommend_terraform_modules⚠	Recommend Terraform Registry modules based on code patterns and deployment intent	⚠ yes
suggest_terraform_architecture⚠	Suggest Terraform architecture and repository patterns for multi-environment infrastructure	⚠ yes
suggest_terraform_testing_strategy⚠	Recommend Terraform testing strategy and CI stages based on risk and change cadence	⚠ yes
suggest_security_hardening	Analyze security scan output and suggest hardening steps to improve infrastructure security	✓ no
generate_compliance_summary	Generate a compliance summary report from multiple security scan outputs	✓ no

⚙ Install config

Claude Desktop · Cursor · Windsurf · VS Code (Copilot) · Claude Code

add to your MCP client config:

{
  "mcpServers": {
    "downatthebottomofthemoleholeterraform-best-practices": {
      "command": "npx",
      "args": [
        "-y",
        "@downatthebottomofthemolehole/terraform-best-practices-mcp-server"
      ]
    }
  }
}

per-client install guide (claude desktop · cursor · windsurf · vscode) →

📈 Score historylast 15 snapshots

5/25/20266/6/2026 · 15 snapshots

⚙ Maintenance health

maintenance data not yet available — check back later.

⛁ Raw data

weekly downloads0

github stars0

forks0

open issues0

license✗ missing

readme length0 chars

last updated13d ago

install verified✗ fail · 5d ago

owner of this server? claim your listing to get a verified badgeclaim →

🔔 Score drop alerts

get notified by email when this server's score drops 5+ points