Skill UI

This guide details comprehensive methods for auditing Terraform infrastructure-as-code (IaC) against security misconfigurations. By leveraging industry-standard tools like Checkov, tfsec, Terrascan, and Open Policy Agent (OPA), users can detect critical vulnerabilities—such as overly permissive IAM policies, public resource exposure, and missing encryption—before cloud deployment. It is essential for integrating robust security gates into CI/CD pipelines and enforcing compliance standards.

This skill guides the implementation of automated security scanning for Infrastructure as Code (IaC) templates using industry-leading tools like Checkov and tfsec. It focuses on integrating security checks into CI/CD pipelines to detect misconfigurations (e.g., public buckets, open ports) in Terraform, CloudFormation, and Kubernetes manifests before they reach production, thereby enforcing policy-based governance and securing the development lifecycle.

Run NVIDIA Cosmos Policy evaluations on LIBERO and RoboCasa simulations, enabling headless EGL GPU rendering, inference profiling, and benchmark workflows via public eval entrypoints.