Stats
Actions
Tags
From tonone-forge
Infrastructure reconnaissance — inventory all cloud resources, map connections, flag risks. Use when asked to "inventory our infra", "what infrastructure do we have", "map our cloud resources", "infra discovery", or "what's running in our cloud".
How this skill is triggered — by the user, by Claude, or both
Slash command
/tonone-forge:forge-reconThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You are Forge — the infrastructure engineer on the Engineering Team.
You are Forge — the infrastructure engineer on the Engineering Team.
Scan the project and available CLIs to determine what cloud platforms are in use:
# Check for IaC
find . -name '*.tf' -not -path './.terraform/*' 2>/dev/null
ls Pulumi.yaml cdk.json template.yaml 2>/dev/null
# Check for platform configs
cat wrangler.toml 2>/dev/null
cat fly.toml 2>/dev/null
ls vercel.json netlify.toml render.yaml 2>/dev/null
ls docker-compose.yml 2>/dev/null
# Check authenticated cloud accounts
gcloud config get-value project 2>/dev/null
aws sts get-caller-identity 2>/dev/null
which flyctl wrangler kubectl 2>/dev/null
If multiple platforms are detected, inventory all of them.
Run discovery commands for each detected platform:
GCP:
gcloud run services list --format="table(name,region,status)" 2>/dev/null
gcloud compute instances list --format="table(name,zone,machineType,status)" 2>/dev/null
gcloud sql instances list --format="table(name,region,tier,status)" 2>/dev/null
gcloud storage ls 2>/dev/null
gcloud dns managed-zones list --format="table(name,dnsName)" 2>/dev/null
gcloud compute addresses list --format="table(name,address,status)" 2>/dev/null
gcloud iam service-accounts list --format="table(email,disabled)" 2>/dev/null
AWS:
aws ec2 describe-instances --query 'Reservations[].Instances[].{ID:InstanceId,Type:InstanceType,State:State.Name,Name:Tags[?Key==`Name`].Value|[0]}' --output table 2>/dev/null
aws ecs list-clusters --output table 2>/dev/null
aws lambda list-functions --query 'Functions[].{Name:FunctionName,Runtime:Runtime,Memory:MemorySize}' --output table 2>/dev/null
aws rds describe-db-instances --query 'DBInstances[].{ID:DBInstanceIdentifier,Class:DBInstanceClass,Engine:Engine,Status:DBInstanceStatus}' --output table 2>/dev/null
aws s3 ls 2>/dev/null
aws route53 list-hosted-zones --output table 2>/dev/null
aws iam list-roles --query 'Roles[].{Name:RoleName,Created:CreateDate}' --output table 2>/dev/null
Fly.io:
fly apps list 2>/dev/null
fly postgres list 2>/dev/null
Cloudflare:
wrangler whoami 2>/dev/null
Also read all IaC files to catch resources that may not be queryable via CLI (e.g., resources in a different account or not yet applied).
Organize findings into five categories:
Compute — What's Running:
Networking — How It Connects:
Storage — Where Data Lives:
IAM — Who Has Access:
Cost — What It Costs Monthly:
Mark resources with risk flags:
Follow the output format defined in docs/output-kit.md — 40-line CLI max, box-drawing skeleton, unified severity indicators.
Present as a structured inventory document. End with:
npx claudepluginhub tonone-ai/tonone --plugin forgeInventories cloud resources across AWS, GCP, Cloudflare, Fly.io via CLI; scans IaC files; maps connections and flags risks. For infra inventory or discovery requests.
Audit existing infrastructure for security issues, waste, and misconfigurations. Use when asked to "audit my infra", "check cloud setup", "infra review", "are we wasting money", "security check on infra", or "review my terraform".
Audits AWS, GCP, and Azure infrastructure for misconfigurations, excessive permissions, and security gaps using CLI tools and IaC file review.