AI Agent Skill HUB

k8s-validator

Validate Kubernetes manifests for security, best practices, and resource limits

509 stars
bya5c-ai
View on GitHubInstallation ↓

Best use case

k8s-validator is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Validate Kubernetes manifests for security, best practices, and resource limits

Teams using k8s-validator should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/k8s-validator/SKILL.md --create-dirs "https://raw.githubusercontent.com/a5c-ai/babysitter/main/library/specializations/software-architecture/skills/k8s-validator/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/k8s-validator/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How k8s-validator Compares

Feature / Agentk8s-validatorStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Validate Kubernetes manifests for security, best practices, and resource limits

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Kubernetes Manifest Validator Skill

## Overview

Validates Kubernetes manifests including security policy checking with OPA/Gatekeeper, best practice linting with kube-linter, and resource limit validation.

## Capabilities

- Validate Kubernetes manifests (YAML/JSON)
- Security policy checking (OPA/Gatekeeper)
- Best practice linting (kube-linter, kubeval)
- Resource limit validation
- Network policy analysis
- RBAC analysis
- Pod security standards checking

## Target Processes

- iac-review
- devops-architecture-alignment
- resilience-patterns

## Input Schema

```json
{
  "type": "object",
  "required": ["manifestPaths"],
  "properties": {
    "manifestPaths": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Paths to Kubernetes manifests"
    },
    "validators": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": ["kubeval", "kube-linter", "opa", "kubesec"]
      },
      "default": ["kubeval", "kube-linter"]
    },
    "options": {
      "type": "object",
      "properties": {
        "kubernetesVersion": {
          "type": "string",
          "default": "1.28.0"
        },
        "strict": {
          "type": "boolean",
          "default": false
        },
        "customPolicies": {
          "type": "array",
          "description": "Paths to custom OPA policies"
        }
      }
    }
  }
}
```

## Output Schema

```json
{
  "type": "object",
  "properties": {
    "valid": {
      "type": "boolean"
    },
    "manifests": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "path": { "type": "string" },
          "kind": { "type": "string" },
          "name": { "type": "string" },
          "valid": { "type": "boolean" },
          "issues": { "type": "array" }
        }
      }
    },
    "securityFindings": {
      "type": "array"
    },
    "bestPracticeViolations": {
      "type": "array"
    },
    "resourceLimitIssues": {
      "type": "array"
    }
  }
}
```

## Usage Example

```javascript
{
  kind: 'skill',
  skill: {
    name: 'k8s-validator',
    context: {
      manifestPaths: ['k8s/*.yaml'],
      validators: ['kubeval', 'kube-linter', 'kubesec'],
      options: {
        kubernetesVersion: '1.28.0',
        strict: true
      }
    }
  }
}
```

Related Skills

design-system-validator

509
from a5c-ai/babysitter

Validate design system compliance in code and detect token usage violations

link-validator

509
from a5c-ai/babysitter

Comprehensive link checking and validation for documentation. Validate internal links, external URLs, anchors, detect redirects, monitor link rot, and generate sitemap validation reports.

code-sample-validator

509
from a5c-ai/babysitter

Extract, validate, and test code samples in documentation. Verify syntax, execute samples, check outputs, validate imports, and ensure code samples are up-to-date with current APIs.

openapi-validator

509
from a5c-ai/babysitter

Validate OpenAPI specifications for correctness, security, and best practices

specialization-validator

509
from a5c-ai/babysitter

Validate specialization completeness across all 7 phases, score each phase, identify gaps, and generate validation reports.

process-validator

509
from a5c-ai/babysitter

Validate process JS files for correct SDK patterns, task definitions, syntax, and quality gate implementation.

checklist-validator

509
from a5c-ai/babysitter

Skill for validating research against reporting checklists

math-notation-validator

509
from a5c-ai/babysitter

Validate and standardize mathematical notation

image-algorithm-validator

509
from a5c-ai/babysitter

Medical image processing algorithm validation skill for segmentation, detection, and analysis algorithms

dicom-conformance-validator

509
from a5c-ai/babysitter

DICOM conformance testing and integration skill for medical imaging systems

hipaa-compliance-validator

509
from a5c-ai/babysitter

HIPAA compliance validation skill for genomic data handling and audit

giab-benchmark-validator

509
from a5c-ai/babysitter

Genome in a Bottle benchmark validation skill for pipeline accuracy assessment