Назад към всички

k8s-validator

// Validate Kubernetes manifests for security, best practices, and resource limits

$ git log --oneline --stat
stars:384
forks:73
updated:March 4, 2026
SKILL.mdreadonly
SKILL.md Frontmatter
namek8s-validator
descriptionValidate Kubernetes manifests for security, best practices, and resource limits
allowed-toolsBash,Read,Write,Glob

Kubernetes Manifest Validator Skill

Overview

Validates Kubernetes manifests including security policy checking with OPA/Gatekeeper, best practice linting with kube-linter, and resource limit validation.

Capabilities

  • Validate Kubernetes manifests (YAML/JSON)
  • Security policy checking (OPA/Gatekeeper)
  • Best practice linting (kube-linter, kubeval)
  • Resource limit validation
  • Network policy analysis
  • RBAC analysis
  • Pod security standards checking

Target Processes

  • iac-review
  • devops-architecture-alignment
  • resilience-patterns

Input Schema

{
  "type": "object",
  "required": ["manifestPaths"],
  "properties": {
    "manifestPaths": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Paths to Kubernetes manifests"
    },
    "validators": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": ["kubeval", "kube-linter", "opa", "kubesec"]
      },
      "default": ["kubeval", "kube-linter"]
    },
    "options": {
      "type": "object",
      "properties": {
        "kubernetesVersion": {
          "type": "string",
          "default": "1.28.0"
        },
        "strict": {
          "type": "boolean",
          "default": false
        },
        "customPolicies": {
          "type": "array",
          "description": "Paths to custom OPA policies"
        }
      }
    }
  }
}

Output Schema

{
  "type": "object",
  "properties": {
    "valid": {
      "type": "boolean"
    },
    "manifests": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "path": { "type": "string" },
          "kind": { "type": "string" },
          "name": { "type": "string" },
          "valid": { "type": "boolean" },
          "issues": { "type": "array" }
        }
      }
    },
    "securityFindings": {
      "type": "array"
    },
    "bestPracticeViolations": {
      "type": "array"
    },
    "resourceLimitIssues": {
      "type": "array"
    }
  }
}

Usage Example

{
  kind: 'skill',
  skill: {
    name: 'k8s-validator',
    context: {
      manifestPaths: ['k8s/*.yaml'],
      validators: ['kubeval', 'kube-linter', 'kubesec'],
      options: {
        kubernetesVersion: '1.28.0',
        strict: true
      }
    }
  }
}