OpenSkillIndex← back to search
claude-codedevops

Babysitter k8s-validator

Validate Kubernetes manifests for security, best practices, and resource limits

install
source · Clone the upstream repo
git clone https://github.com/a5c-ai/babysitter
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/a5c-ai/babysitter "$T" && mkdir -p ~/.claude/skills && cp -r "$T/library/specializations/software-architecture/skills/k8s-validator" ~/.claude/skills/a5c-ai-babysitter-k8s-validator && rm -rf "$T"
manifest: library/specializations/software-architecture/skills/k8s-validator/SKILL.md
tags
#k8s-validation#security-checking#manifest-linting#kube-linter#opa-gatekeeper#resource-limiting
source content

Kubernetes Manifest Validator Skill

Overview

Validates Kubernetes manifests including security policy checking with OPA/Gatekeeper, best practice linting with kube-linter, and resource limit validation.

Capabilities

  • Validate Kubernetes manifests (YAML/JSON)
  • Security policy checking (OPA/Gatekeeper)
  • Best practice linting (kube-linter, kubeval)
  • Resource limit validation
  • Network policy analysis
  • RBAC analysis
  • Pod security standards checking

Target Processes

  • iac-review
  • devops-architecture-alignment
  • resilience-patterns

Input Schema

{
  "type": "object",
  "required": ["manifestPaths"],
  "properties": {
    "manifestPaths": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Paths to Kubernetes manifests"
    },
    "validators": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": ["kubeval", "kube-linter", "opa", "kubesec"]
      },
      "default": ["kubeval", "kube-linter"]
    },
    "options": {
      "type": "object",
      "properties": {
        "kubernetesVersion": {
          "type": "string",
          "default": "1.28.0"
        },
        "strict": {
          "type": "boolean",
          "default": false
        },
        "customPolicies": {
          "type": "array",
          "description": "Paths to custom OPA policies"
        }
      }
    }
  }
}

Output Schema

{
  "type": "object",
  "properties": {
    "valid": {
      "type": "boolean"
    },
    "manifests": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "path": { "type": "string" },
          "kind": { "type": "string" },
          "name": { "type": "string" },
          "valid": { "type": "boolean" },
          "issues": { "type": "array" }
        }
      }
    },
    "securityFindings": {
      "type": "array"
    },
    "bestPracticeViolations": {
      "type": "array"
    },
    "resourceLimitIssues": {
      "type": "array"
    }
  }
}

Usage Example

{
  kind: 'skill',
  skill: {
    name: 'k8s-validator',
    context: {
      manifestPaths: ['k8s/*.yaml'],
      validators: ['kubeval', 'kube-linter', 'kubesec'],
      options: {
        kubernetesVersion: '1.28.0',
        strict: true
      }
    }
  }
}