diff --git a/CHANGELOG.md b/CHANGELOG.md
index d621a52..20bd902 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## [2.2.2] - 2025-12-15
+
+### Changed
+- **Terraform module**: Refactored to use `tf_no_var_file_cmds` config list instead of `skip_vars` parameter
+  - New `tf_no_var_file_cmds` variable (default: `init validate output state`)
+  - `tf_run` automatically skips `-var-file` for commands in the list
+  - Use `mb_is_true` for boolean checks instead of `$(filter $(mb_true),...)`
+
 ## [2.2.1] - 2025-12-15
 
 ### Fixed
diff --git a/modules/infrastructure/terraform/mod_config.mk b/modules/infrastructure/terraform/mod_config.mk
index 8eca4e2..54edd0a 100644
--- a/modules/infrastructure/terraform/mod_config.mk
+++ b/modules/infrastructure/terraform/mod_config.mk
@@ -62,3 +62,10 @@ tf_destroy_confirm ?= $(mb_true)
 ## @default $(mb_true)
 ## @group terraform
 tf_chdir_flag ?= $(mb_true)
+
+## @var tf_no_var_file_cmds
+## @desc Space-separated list of terraform commands that don't support -var-file
+## @type string
+## @default init validate output state
+## @group terraform
+tf_no_var_file_cmds ?= init validate output state
diff --git a/modules/infrastructure/terraform/terraform.mk b/modules/infrastructure/terraform/terraform.mk
index 3a2e58e..fdb81fd 100644
--- a/modules/infrastructure/terraform/terraform.mk
+++ b/modules/infrastructure/terraform/terraform.mk
@@ -40,7 +40,7 @@ define tf_build_chdir
 $(strip \
 	$(if $(value 1),,$(call mb_printf_error,$0: env required)) \
 	$(eval $0_arg1_env := $(strip $1)) \
-	$(if $(filter $(mb_true),$(tf_chdir_flag)), \
+	$(if $(call mb_is_true,$(tf_chdir_flag)), \
 		-chdir=$(tf_env_dir)/$($0_arg1_env) \
 	) \
 )
@@ -78,17 +78,16 @@ endef
 
 ## @function tf_run
 ## @desc Execute terraform command in environment directory
-## @desc Automatically includes shared tfvars if tf_shared_vars is set (unless skip_vars is true)
+## @desc Automatically includes shared tfvars unless command is in tf_no_var_file_cmds
 ## @arg 1: env (required) - Environment name (e.g., local, dev, prod)
 ## @arg 2: command (required) - Terraform command (e.g., init, plan, apply)
 ## @arg 3: extra_args (optional) - Additional arguments
-## @arg 4: skip_vars (optional) - Set to $(mb_true) to skip -var-file inclusion (for commands that don't support it)
 ## @returns Command output via mb_invoke
 ## @group terraform
-## @example $(call tf_run,local,init,,,$(mb_true))
+## @example $(call tf_run,local,init)
 ## @example $(call tf_run,dev,plan,-detailed-exitcode)
 ## @example $(call tf_run,prod,apply,-auto-approve)
-## @note Commands that don't support -var-file: init, validate, output, state
+## @note Commands in tf_no_var_file_cmds skip -var-file (default: init validate output state)
 define tf_run
 $(strip \
 	$(if $(value 1),,$(call mb_printf_error,$0: env required)) \
@@ -96,9 +95,9 @@ $(strip \
 	$(eval $0_arg1_env := $(strip $1)) \
 	$(eval $0_arg2_cmd := $(strip $2)) \
 	$(eval $0_arg3_extra := $(if $(value 3),$(strip $3))) \
-	$(eval $0_arg4_skip_vars := $(if $(value 4),$(strip $4))) \
 	$(eval $0_chdir := $(call tf_build_chdir,$($0_arg1_env))) \
-	$(eval $0_var_file := $(if $(filter $(mb_true),$($0_arg4_skip_vars)),,$(call tf_build_var_file))) \
+	$(eval $0_cmd_base := $(firstword $($0_arg2_cmd))) \
+	$(eval $0_var_file := $(if $(filter $($0_cmd_base),$(tf_no_var_file_cmds)),,$(call tf_build_var_file))) \
 	$(call mb_invoke,$(tf_bin) $($0_chdir) $($0_arg2_cmd) $($0_var_file) $($0_arg3_extra)) \
 )
 endef
@@ -110,7 +109,7 @@ ifndef __MB_TEST_DISCOVERY__
 
 terraform/init/%: ## Initialize Terraform for environment (usage: make terraform/init/local)
 	$(call mb_printf_info,Initializing Terraform for $* environment...)
-	$(call tf_run,$*,init,,$(mb_true))
+	$(call tf_run,$*,init)
 
 terraform/plan/%: ## Plan Terraform changes (usage: make terraform/plan/dev)
 	$(call mb_printf_info,Planning Terraform changes for $* environment...)
@@ -124,7 +123,7 @@ terraform/apply/%: ## Apply Terraform changes (usage: make terraform/apply/local
 	)
 
 terraform/destroy/%: ## Destroy Terraform infrastructure (usage: make terraform/destroy/local)
-	$(if $(filter $(mb_true),$(tf_destroy_confirm)), \
+	$(if $(call mb_is_true,$(tf_destroy_confirm)), \
 		$(call mb_user_confirm,This will destroy all infrastructure in $* environment!) \
 	)
 	$(if $(call tf_is_auto_approve_env,$*), \
@@ -134,13 +133,13 @@ terraform/destroy/%: ## Destroy Terraform infrastructure (usage: make terraform/
 
 terraform/validate/%: ## Validate Terraform configuration (usage: make terraform/validate/local)
 	$(call mb_printf_info,Validating Terraform configuration for $*...)
-	$(call tf_run,$*,validate,,$(mb_true))
+	$(call tf_run,$*,validate)
 
 terraform/output/%: ## Show Terraform outputs (usage: make terraform/output/local)
-	$(call tf_run,$*,output,,$(mb_true))
+	$(call tf_run,$*,output)
 
 terraform/state/list/%: ## List Terraform state resources (usage: make terraform/state/list/local)
-	$(call tf_run,$*,state list,,$(mb_true))
+	$(call tf_run,$*,state list)
 
 terraform/refresh/%: ## Refresh Terraform state (usage: make terraform/refresh/local)
 	$(call mb_printf_info,Refreshing Terraform state for $*...)
diff --git a/modules/infrastructure/terraform/terraform_test.mk b/modules/infrastructure/terraform/terraform_test.mk
index cb8016c..709f6d5 100644
--- a/modules/infrastructure/terraform/terraform_test.mk
+++ b/modules/infrastructure/terraform/terraform_test.mk
@@ -170,20 +170,33 @@ define test_modules_terraform_run_with_shared_vars
 	$(eval mb_invoke_silent := $(mb_off))
 endef
 
-define test_modules_terraform_run_skip_vars
+define test_modules_terraform_run_no_var_file_cmds
 	$(eval mb_invoke_silent := $(mb_on))
 	$(eval tf_bin := terraform)
 	$(eval tf_chdir_flag := $(mb_true))
 	$(eval tf_env_dir := terraform/environments)
 	$(eval tf_shared_vars := ../../shared/common.tfvars)
+	$(eval tf_no_var_file_cmds := init validate output state)
 
-	## With skip_vars=$(mb_true), should NOT include -var-file
-	$(eval $0_result := $(call tf_run,local,validate,,$(mb_true)))
+	## Commands in tf_no_var_file_cmds should NOT include -var-file
+	$(eval $0_result := $(call tf_run,local,validate))
 	$(call mb_assert_contains,terraform,$($0_result))
 	$(call mb_assert_contains,validate,$($0_result))
 	$(call mb_assert_not_empty,$(findstring -chdir,$($0_result)))
-	## Verify -var-file is NOT present
-	$(call mb_assert_empty,$(findstring -var-file,$($0_result)),skip_vars should exclude -var-file)
+	$(call mb_assert_empty,$(findstring -var-file,$($0_result)),validate should not have -var-file)
+
+	## Test init (also in the list)
+	$(eval $0_result := $(call tf_run,local,init))
+	$(call mb_assert_empty,$(findstring -var-file,$($0_result)),init should not have -var-file)
+
+	## Test state list (multi-word command, first word is "state")
+	$(eval $0_result := $(call tf_run,local,state list))
+	$(call mb_assert_contains,state list,$($0_result))
+	$(call mb_assert_empty,$(findstring -var-file,$($0_result)),state should not have -var-file)
+
+	## Test plan (NOT in list) - should include -var-file
+	$(eval $0_result := $(call tf_run,local,plan))
+	$(call mb_assert_not_empty,$(findstring -var-file,$($0_result)),plan should have -var-file)
 
 	$(eval tf_shared_vars :=)
 	$(eval mb_invoke_silent := $(mb_off))
@@ -223,6 +236,7 @@ define test_modules_terraform_config_defaults
 	$(eval tf_auto_approve_envs := local)
 	$(eval tf_destroy_confirm := $(mb_true))
 	$(eval tf_chdir_flag := $(mb_true))
+	$(eval tf_no_var_file_cmds := init validate output state)
 
 	$(call mb_assert_eq,terraform,$(tf_bin))
 	$(call mb_assert_eq,terraform,$(tf_root_dir))
@@ -231,6 +245,7 @@ define test_modules_terraform_config_defaults
 	$(call mb_assert_eq,local,$(tf_auto_approve_envs))
 	$(call mb_assert_eq,$(mb_true),$(tf_destroy_confirm))
 	$(call mb_assert_eq,$(mb_true),$(tf_chdir_flag))
+	$(call mb_assert_eq,init validate output state,$(tf_no_var_file_cmds))
 endef
 
 ######################################################################################