📄 skillActiveCuratedmedium

hashicorp/terraform-mcp-server

The Terraform MCP Server provides seamless integration with Terraform ecosystem, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development.

Supported Platforms

🧠 Codex

Stars

1.4k

Skill Type

📖 Library & API Reference

Quality Score

127/200

License

MPL-2.0

Forks

165

Last Updated

Jun 11, 2026

Discovered

Apr 30, 2026

Validation

Passed

github.com/hashicorp/terraform-mcp-server

Quality Breakdown

127/ 200

Content Signals

✓Gotchas/Edge Cases+40

✓Progressive Disclosure+30

○Trigger Description+20

○Verification/Safety+20

✓Code Examples+15

○Composability+15

Repo Health

✓Recent Activity+15

✓Scripts/Automation+10

✓Real Usage (Issues)+10

○Single Responsibility+10

✓Config/Persistence+10

✓Install Instructions+5

Multi-platform bonus: +5 pts if tool supports 2+ platforms. Score derived from 12 structural signals — not stars or popularity.

Trust & Verification

medium

Requires extended permissions (shell access, subagents). Review before use.

Active

Updated within the last 90 days. Actively maintained.

Unverified skill. Always review source code before installing any skill from an unknown author.

Risk Assessment

MCP server exposes Terraform Registry APIs and HCP Terraform/Enterprise APIs which could enable unauthorized infrastructure operations if misconfigured
StreamableHTTP transport requires environment variable configuration (MCP_ALLOWED_ORIGINS) to prevent DNS rebinding attacks, indicating potential security misuse vectors
Workspace operations include create/update/delete capabilities which could modify production infrastructure if credentials are compromised
README explicitly warns about not using with untrusted MCP clients or LLMs, indicating known security limitations
Official vendor repository (HashiCorp) reduces risk, but the tool itself manages sensitive cloud operations and credentials