This is a static code analysis tool for Infrastructure as Code (IaC), aiming to help developers detect and prevent cloud infrastructure configuration errors and security vulnerabilities during the construction phase. It supports static detection of IaC files for multiple cloud platforms such as AWS, Azure, GCP, and Kubernetes (such as Terraform, CloudFormation, Kubernetes YAML, etc.), and can also analyze security risks in container images and open source dependency packages.