一键导入
k8s-manifest-security-auditor
Static analysis for common Kubernetes manifest security and reliability risks.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Static analysis for common Kubernetes manifest security and reliability risks.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Context-aware caption translation skill for SRT/VTT/ASS with bilingual output and optional Gemini CLI fallback.
CRITICAL: Skill composition engine for automatic workflow generation from skill metadata. Triggers: compose skills, orchestrate, workflow, combine skills, skill pipeline, multi-skill, 技能组合, 工作流编排, 技能发现, 自动编排, skill discovery, semantic matching, StateGraph generation
Intelligent content optimization framework for preparing data and content for AI/ML training pipelines with quality analysis, dataset optimization, and hyperparameter suggestions.
CRITICAL: Multi-agent consensus engine for parallel LLM analysis, cross-validation, and collective decision-making. Triggers: consensus, multi-agent, voting, cross-validate, hallucination reduction, 多模型共识, 交叉验证, 集体决策
CRITICAL: You are an expert in multi-agent negotiation, game theory, and automated settlement protocols. Use this skill for designing and implementing agent-to-agent negotiation workflows with x402 payment settlement. Triggers on: negotiation, bargaining, agent trade, service agreement, SLA, price negotiation, x402 settlement, agent economy, "agents negotiate", "how do agents negotiate prices", "implement agent bargaining", "multi-round negotiation", "automated deal-making", "自动谈判", "智能体协商", "服务协议", "价格谈判", "多轮协商", "agent 经济"
Query Solodit audit knowledge to review smart contracts with evidence-backed findings, severity summaries, and remediation guidance. Use for contract audit prep, vulnerability triage, and secure coding reviews.
| name | k8s-manifest-security-auditor |
| track | enterprise-skills |
| version | 0.1.0 |
| summary | Lint Kubernetes YAML manifests for security and reliability risks (privileged, hostNetwork, hostPath, runAsRoot, missing limits). |
| description | Static analysis for common Kubernetes manifest security and reliability risks. |
| author | guangyusong |
| tags | ["kubernetes","k8s","security","yaml"] |
Audit Kubernetes YAML manifests (multi-doc supported) for common security and reliability issues without requiring cluster access.
{
"manifests_yaml": "...multi-doc yaml...",
"manifest_path": "k8s.yaml",
"ruleset": "baseline|restricted",
"max_findings": 200
}
Notes:
manifests_yaml or manifest_path.ruleset influences some severities (e.g., missing limits).Success:
{
"ok": true,
"data": {
"demo": false,
"summary": {
"documents": 0,
"resources_scanned": 0,
"findings_total": 0,
"by_severity": {"CRITICAL":0,"HIGH":0,"MEDIUM":0,"LOW":0}
},
"risk_score": 0,
"risk_level": "LOW|MEDIUM|HIGH|CRITICAL",
"findings": []
}
}
Error:
{
"ok": false,
"error": "...",
"details": {"message": "..."}
}
Demo mode:
python3 scripts/main.py --demo
With parameters:
python3 scripts/main.py --params '{"manifest_path":"./k8s.yaml","ruleset":"restricted"}'
Via stdin:
echo '{"manifests_yaml":"apiVersion: v1\nkind: Pod\n..."}' | python3 scripts/main.py
python3 scripts/main.py --params '{"manifests_yaml":"apiVersion: v1\nkind: Pod\nmetadata:\n name: p\nspec:\n containers: [{name: c, image: alpine}]"}'
All errors return JSON with ok:false and exit with a non-zero code.