@raishin/vanguard-frontier-agentic 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (442) hide show
  1. package/README.md +231 -113
  2. package/agents/AGENTS.md +263 -21
  3. package/agents/argocd/README.md +46 -0
  4. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/AGENT.md +55 -0
  5. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/claude-code.agent.md +35 -0
  6. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/codex.toml +29 -0
  7. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/copilot.agent.md +35 -0
  8. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/cursor.agent.md +35 -0
  9. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/gemini.agent.md +35 -0
  10. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/kiro-cli.agent.json +5 -0
  11. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/harnesses/kiro-ide.agent.md +35 -0
  12. package/agents/argocd/argo-rollouts-progressive-delivery-review-agent/metadata.json +31 -0
  13. package/agents/argocd/argocd-gitops-review-agent/AGENT.md +55 -0
  14. package/agents/argocd/argocd-gitops-review-agent/harnesses/claude-code.agent.md +38 -0
  15. package/agents/argocd/argocd-gitops-review-agent/harnesses/codex.toml +32 -0
  16. package/agents/argocd/argocd-gitops-review-agent/harnesses/copilot.agent.md +38 -0
  17. package/agents/argocd/argocd-gitops-review-agent/harnesses/cursor.agent.md +38 -0
  18. package/agents/argocd/argocd-gitops-review-agent/harnesses/gemini.agent.md +38 -0
  19. package/agents/argocd/argocd-gitops-review-agent/harnesses/kiro-cli.agent.json +5 -0
  20. package/agents/argocd/argocd-gitops-review-agent/harnesses/kiro-ide.agent.md +38 -0
  21. package/agents/argocd/argocd-gitops-review-agent/metadata.json +30 -0
  22. package/agents/aws/aws-live-deployment-guarded-operator-agent/metadata.json +10 -1
  23. package/agents/aws/aws-live-ecs-rollout-guard-agent/metadata.json +10 -1
  24. package/agents/aws/aws-live-iac-change-guard-agent/metadata.json +10 -1
  25. package/agents/aws/aws-live-pipeline-approval-operator-agent/metadata.json +10 -1
  26. package/agents/aws/aws-live-serverless-release-guard-agent/metadata.json +10 -1
  27. package/agents/aws/aws-private-ca-issuer-review-agent/AGENT.md +53 -0
  28. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  29. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/codex.toml +27 -0
  30. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  31. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  32. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  33. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  34. package/agents/aws/aws-private-ca-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  35. package/agents/aws/aws-private-ca-issuer-review-agent/metadata.json +37 -0
  36. package/agents/azure/README.md +45 -0
  37. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/AGENT.md +53 -0
  38. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  39. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/codex.toml +27 -0
  40. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  41. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  42. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  43. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  44. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  45. package/agents/azure/azure-keyvault-certificate-issuer-review-agent/metadata.json +36 -0
  46. package/agents/azure/azure-live-aks-rollout-guard-agent/metadata.json +10 -1
  47. package/agents/azure/azure-live-app-service-slot-swap-guard-agent/metadata.json +10 -1
  48. package/agents/azure/azure-live-arm-deployment-stack-guard-agent/metadata.json +10 -1
  49. package/agents/azure/azure-live-cost-budget-action-guard-agent/metadata.json +10 -1
  50. package/agents/azure/azure-live-entra-role-assignment-guard-agent/AGENT.md +59 -0
  51. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/claude-code.agent.md +42 -0
  52. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/codex.toml +34 -0
  53. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/copilot.agent.md +55 -0
  54. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/cursor.agent.md +44 -0
  55. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/gemini.agent.md +43 -0
  56. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  57. package/agents/azure/azure-live-entra-role-assignment-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  58. package/agents/azure/azure-live-entra-role-assignment-guard-agent/metadata.json +37 -0
  59. package/agents/azure/azure-live-keyvault-rotation-purge-guard-agent/metadata.json +10 -1
  60. package/agents/azure/azure-live-pim-jit-activation-guard-agent/metadata.json +11 -2
  61. package/agents/backstage/README.md +36 -0
  62. package/agents/backstage/backstage-scaffolder-template-review-agent/AGENT.md +54 -0
  63. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/claude-code.agent.md +37 -0
  64. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/codex.toml +31 -0
  65. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/copilot.agent.md +37 -0
  66. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/cursor.agent.md +37 -0
  67. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/gemini.agent.md +37 -0
  68. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/kiro-cli.agent.json +5 -0
  69. package/agents/backstage/backstage-scaffolder-template-review-agent/harnesses/kiro-ide.agent.md +37 -0
  70. package/agents/backstage/backstage-scaffolder-template-review-agent/metadata.json +30 -0
  71. package/agents/cert-manager/README.md +46 -0
  72. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/AGENT.md +55 -0
  73. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/claude-code.agent.md +35 -0
  74. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/codex.toml +29 -0
  75. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/copilot.agent.md +35 -0
  76. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/cursor.agent.md +35 -0
  77. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/gemini.agent.md +35 -0
  78. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/kiro-cli.agent.json +5 -0
  79. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/harnesses/kiro-ide.agent.md +35 -0
  80. package/agents/cert-manager/cert-manager-issuer-trust-review-agent/metadata.json +31 -0
  81. package/agents/cilium/README.md +46 -0
  82. package/agents/cilium/cilium-network-policy-review-agent/AGENT.md +55 -0
  83. package/agents/cilium/cilium-network-policy-review-agent/harnesses/claude-code.agent.md +38 -0
  84. package/agents/cilium/cilium-network-policy-review-agent/harnesses/codex.toml +32 -0
  85. package/agents/cilium/cilium-network-policy-review-agent/harnesses/copilot.agent.md +38 -0
  86. package/agents/cilium/cilium-network-policy-review-agent/harnesses/cursor.agent.md +38 -0
  87. package/agents/cilium/cilium-network-policy-review-agent/harnesses/gemini.agent.md +38 -0
  88. package/agents/cilium/cilium-network-policy-review-agent/harnesses/kiro-cli.agent.json +5 -0
  89. package/agents/cilium/cilium-network-policy-review-agent/harnesses/kiro-ide.agent.md +38 -0
  90. package/agents/cilium/cilium-network-policy-review-agent/metadata.json +37 -0
  91. package/agents/falco/README.md +36 -0
  92. package/agents/falco/falco-runtime-threat-rules-review-agent/AGENT.md +49 -0
  93. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/claude-code.agent.md +33 -0
  94. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/codex.toml +31 -0
  95. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/copilot.agent.md +33 -0
  96. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/cursor.agent.md +33 -0
  97. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/gemini.agent.md +33 -0
  98. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/kiro-cli.agent.json +5 -0
  99. package/agents/falco/falco-runtime-threat-rules-review-agent/harnesses/kiro-ide.agent.md +33 -0
  100. package/agents/falco/falco-runtime-threat-rules-review-agent/metadata.json +31 -0
  101. package/agents/finops/README.md +27 -0
  102. package/agents/finops/finops-cloud-price-advisor-agent/metadata.json +10 -1
  103. package/agents/fluxcd/README.md +39 -0
  104. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/AGENT.md +55 -0
  105. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/claude-code.agent.md +38 -0
  106. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/codex.toml +32 -0
  107. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/copilot.agent.md +38 -0
  108. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/cursor.agent.md +38 -0
  109. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/gemini.agent.md +38 -0
  110. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/kiro-cli.agent.json +5 -0
  111. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/harnesses/kiro-ide.agent.md +38 -0
  112. package/agents/fluxcd/fluxcd-kustomization-helmrelease-review-agent/metadata.json +31 -0
  113. package/agents/istio/README.md +46 -0
  114. package/agents/istio/istio-ambient-mesh-review-agent/AGENT.md +55 -0
  115. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/claude-code.agent.md +38 -0
  116. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/codex.toml +32 -0
  117. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/copilot.agent.md +38 -0
  118. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/cursor.agent.md +38 -0
  119. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/gemini.agent.md +38 -0
  120. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/kiro-cli.agent.json +5 -0
  121. package/agents/istio/istio-ambient-mesh-review-agent/harnesses/kiro-ide.agent.md +38 -0
  122. package/agents/istio/istio-ambient-mesh-review-agent/metadata.json +30 -0
  123. package/agents/kubernetes/README.md +143 -0
  124. package/agents/kubernetes/external-secrets-operator-review-agent/AGENT.md +49 -0
  125. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/claude-code.agent.md +33 -0
  126. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/codex.toml +31 -0
  127. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/copilot.agent.md +33 -0
  128. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/cursor.agent.md +33 -0
  129. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/gemini.agent.md +33 -0
  130. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/kiro-cli.agent.json +5 -0
  131. package/agents/kubernetes/external-secrets-operator-review-agent/harnesses/kiro-ide.agent.md +33 -0
  132. package/agents/kubernetes/external-secrets-operator-review-agent/metadata.json +31 -0
  133. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/AGENT.md +56 -0
  134. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/claude-code.agent.md +39 -0
  135. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/codex.toml +34 -0
  136. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/copilot.agent.md +39 -0
  137. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/cursor.agent.md +39 -0
  138. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/gemini.agent.md +39 -0
  139. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/kiro-cli.agent.json +5 -0
  140. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/harnesses/kiro-ide.agent.md +39 -0
  141. package/agents/kubernetes/kubecost-chargeback-allocation-review-agent/metadata.json +31 -0
  142. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/AGENT.md +59 -0
  143. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  144. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/codex.toml +33 -0
  145. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  146. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  147. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  148. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  149. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  150. package/agents/kubernetes/kubernetes-live-admission-policy-guard-agent/metadata.json +36 -0
  151. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/AGENT.md +59 -0
  152. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/claude-code.agent.md +42 -0
  153. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/codex.toml +33 -0
  154. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/copilot.agent.md +42 -0
  155. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/cursor.agent.md +42 -0
  156. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/gemini.agent.md +42 -0
  157. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  158. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  159. package/agents/kubernetes/kubernetes-live-argocd-sync-guard-agent/metadata.json +36 -0
  160. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/AGENT.md +59 -0
  161. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  162. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/codex.toml +33 -0
  163. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  164. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  165. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  166. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  167. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  168. package/agents/kubernetes/kubernetes-live-mesh-policy-guard-agent/metadata.json +36 -0
  169. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/AGENT.md +59 -0
  170. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/claude-code.agent.md +42 -0
  171. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/codex.toml +33 -0
  172. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/copilot.agent.md +42 -0
  173. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/cursor.agent.md +42 -0
  174. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/gemini.agent.md +42 -0
  175. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  176. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  177. package/agents/kubernetes/kubernetes-live-network-policy-guard-agent/metadata.json +36 -0
  178. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/AGENT.md +59 -0
  179. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/claude-code.agent.md +42 -0
  180. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/codex.toml +34 -0
  181. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/copilot.agent.md +55 -0
  182. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/cursor.agent.md +44 -0
  183. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/gemini.agent.md +43 -0
  184. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  185. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  186. package/agents/kubernetes/kubernetes-live-rbac-mutation-guard-agent/metadata.json +36 -0
  187. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/AGENT.md +62 -0
  188. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/claude-code.agent.md +43 -0
  189. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/codex.toml +35 -0
  190. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/copilot.agent.md +43 -0
  191. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/cursor.agent.md +43 -0
  192. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/gemini.agent.md +43 -0
  193. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  194. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/harnesses/kiro-ide.agent.md +43 -0
  195. package/agents/kubernetes/kubernetes-live-velero-restore-guard-agent/metadata.json +37 -0
  196. package/agents/kubernetes/kubernetes-maestro-agent/AGENT.md +55 -0
  197. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/claude-code.agent.md +38 -0
  198. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/codex.toml +34 -0
  199. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/copilot.agent.md +38 -0
  200. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/cursor.agent.md +38 -0
  201. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/gemini.agent.md +38 -0
  202. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  203. package/agents/kubernetes/kubernetes-maestro-agent/harnesses/kiro-ide.agent.md +38 -0
  204. package/agents/kubernetes/kubernetes-maestro-agent/metadata.json +40 -0
  205. package/agents/kubernetes/kubernetes-pod-spec-review-agent/AGENT.md +54 -0
  206. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/claude-code.agent.md +37 -0
  207. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/codex.toml +27 -0
  208. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/copilot.agent.md +37 -0
  209. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/cursor.agent.md +37 -0
  210. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/gemini.agent.md +37 -0
  211. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/kiro-cli.agent.json +5 -0
  212. package/agents/kubernetes/kubernetes-pod-spec-review-agent/harnesses/kiro-ide.agent.md +37 -0
  213. package/agents/kubernetes/kubernetes-pod-spec-review-agent/metadata.json +38 -0
  214. package/agents/kubernetes/kubernetes-psa-review-agent/AGENT.md +55 -0
  215. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/claude-code.agent.md +36 -0
  216. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/codex.toml +29 -0
  217. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/copilot.agent.md +36 -0
  218. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/cursor.agent.md +36 -0
  219. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/gemini.agent.md +36 -0
  220. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/kiro-cli.agent.json +5 -0
  221. package/agents/kubernetes/kubernetes-psa-review-agent/harnesses/kiro-ide.agent.md +36 -0
  222. package/agents/kubernetes/kubernetes-psa-review-agent/metadata.json +37 -0
  223. package/agents/kubernetes/kubernetes-rbac-review-agent/AGENT.md +55 -0
  224. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/claude-code.agent.md +38 -0
  225. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/codex.toml +32 -0
  226. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/copilot.agent.md +51 -0
  227. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/cursor.agent.md +40 -0
  228. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/gemini.agent.md +39 -0
  229. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/kiro-cli.agent.json +5 -0
  230. package/agents/kubernetes/kubernetes-rbac-review-agent/harnesses/kiro-ide.agent.md +38 -0
  231. package/agents/kubernetes/kubernetes-rbac-review-agent/metadata.json +36 -0
  232. package/agents/kubernetes/kubernetes-workload-identity-review-agent/AGENT.md +55 -0
  233. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/claude-code.agent.md +37 -0
  234. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/codex.toml +29 -0
  235. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/copilot.agent.md +37 -0
  236. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/cursor.agent.md +37 -0
  237. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/gemini.agent.md +37 -0
  238. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/kiro-cli.agent.json +5 -0
  239. package/agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/kiro-ide.agent.md +37 -0
  240. package/agents/kubernetes/kubernetes-workload-identity-review-agent/metadata.json +37 -0
  241. package/agents/kyverno/README.md +46 -0
  242. package/agents/kyverno/kyverno-policy-review-agent/AGENT.md +55 -0
  243. package/agents/kyverno/kyverno-policy-review-agent/harnesses/claude-code.agent.md +38 -0
  244. package/agents/kyverno/kyverno-policy-review-agent/harnesses/codex.toml +32 -0
  245. package/agents/kyverno/kyverno-policy-review-agent/harnesses/copilot.agent.md +38 -0
  246. package/agents/kyverno/kyverno-policy-review-agent/harnesses/cursor.agent.md +38 -0
  247. package/agents/kyverno/kyverno-policy-review-agent/harnesses/gemini.agent.md +38 -0
  248. package/agents/kyverno/kyverno-policy-review-agent/harnesses/kiro-cli.agent.json +5 -0
  249. package/agents/kyverno/kyverno-policy-review-agent/harnesses/kiro-ide.agent.md +38 -0
  250. package/agents/kyverno/kyverno-policy-review-agent/metadata.json +30 -0
  251. package/agents/oci/README.md +45 -0
  252. package/agents/oci/oci-certificates-issuer-review-agent/AGENT.md +53 -0
  253. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/claude-code.agent.md +36 -0
  254. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/codex.toml +27 -0
  255. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/copilot.agent.md +36 -0
  256. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/cursor.agent.md +36 -0
  257. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/gemini.agent.md +36 -0
  258. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/kiro-cli.agent.json +5 -0
  259. package/agents/oci/oci-certificates-issuer-review-agent/harnesses/kiro-ide.agent.md +36 -0
  260. package/agents/oci/oci-certificates-issuer-review-agent/metadata.json +36 -0
  261. package/agents/oci/oci-live-autonomous-db-lifecycle-guard-agent/metadata.json +11 -2
  262. package/agents/oci/oci-live-cost-budget-runaway-guard-agent/metadata.json +11 -2
  263. package/agents/oci/oci-live-iam-policy-compartment-guard-agent/metadata.json +10 -1
  264. package/agents/oci/oci-live-network-security-rule-guard-agent/AGENT.md +59 -0
  265. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/claude-code.agent.md +42 -0
  266. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/codex.toml +34 -0
  267. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/copilot.agent.md +55 -0
  268. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/cursor.agent.md +44 -0
  269. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/gemini.agent.md +43 -0
  270. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  271. package/agents/oci/oci-live-network-security-rule-guard-agent/harnesses/kiro-ide.agent.md +42 -0
  272. package/agents/oci/oci-live-network-security-rule-guard-agent/metadata.json +37 -0
  273. package/agents/oci/oci-live-oke-rollout-guard-agent/metadata.json +11 -2
  274. package/agents/oci/oci-live-resource-manager-stack-guard-agent/metadata.json +10 -1
  275. package/agents/oci/oci-live-vault-key-destruction-guard-agent/metadata.json +10 -1
  276. package/agents/opentelemetry/README.md +37 -0
  277. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/AGENT.md +55 -0
  278. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/claude-code.agent.md +38 -0
  279. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/codex.toml +32 -0
  280. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/copilot.agent.md +38 -0
  281. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/cursor.agent.md +38 -0
  282. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/gemini.agent.md +38 -0
  283. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/kiro-cli.agent.json +5 -0
  284. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/harnesses/kiro-ide.agent.md +38 -0
  285. package/agents/opentelemetry/opentelemetry-collector-config-review-agent/metadata.json +37 -0
  286. package/agents/prometheus/README.md +36 -0
  287. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/AGENT.md +48 -0
  288. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/claude-code.agent.md +32 -0
  289. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/codex.toml +31 -0
  290. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/copilot.agent.md +32 -0
  291. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/cursor.agent.md +32 -0
  292. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/gemini.agent.md +32 -0
  293. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/kiro-cli.agent.json +5 -0
  294. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/harnesses/kiro-ide.agent.md +32 -0
  295. package/agents/prometheus/prometheus-alerting-cardinality-review-agent/metadata.json +31 -0
  296. package/agents/sigstore/README.md +38 -0
  297. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/AGENT.md +55 -0
  298. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/claude-code.agent.md +35 -0
  299. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/codex.toml +29 -0
  300. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/copilot.agent.md +35 -0
  301. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/cursor.agent.md +35 -0
  302. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/gemini.agent.md +35 -0
  303. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/kiro-cli.agent.json +5 -0
  304. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/harnesses/kiro-ide.agent.md +35 -0
  305. package/agents/sigstore/sigstore-cosign-supply-chain-review-agent/metadata.json +31 -0
  306. package/agents/terraform/README.md +29 -0
  307. package/agents/terraform/terraform-reviewer/harnesses/claude-code.agent.md +29 -0
  308. package/agents/terraform/terraform-reviewer/harnesses/codex.toml +29 -0
  309. package/agents/terraform/terraform-reviewer/harnesses/copilot.agent.md +42 -0
  310. package/agents/terraform/terraform-reviewer/harnesses/cursor.agent.md +31 -0
  311. package/agents/terraform/terraform-reviewer/harnesses/gemini.agent.md +30 -0
  312. package/agents/terraform/terraform-reviewer/harnesses/kiro-cli.agent.json +5 -0
  313. package/agents/terraform/terraform-reviewer/harnesses/kiro-ide.agent.md +29 -0
  314. package/agents/terraform/terraform-reviewer/metadata.json +10 -1
  315. package/agents/velero/README.md +41 -0
  316. package/assets/logos/vanguard-frontier-agentic-logo.png +0 -0
  317. package/catalog/agents.json +1452 -634
  318. package/catalog/install-roles.json +455 -0
  319. package/catalog/skill-manifest.json +757 -3
  320. package/catalog/skills.json +1298 -528
  321. package/package.json +11 -1
  322. package/scripts/export-marketplace-agents.mjs +100 -9
  323. package/scripts/update-catalog-new-agents.py +88 -0
  324. package/skills/argocd/README.md +30 -0
  325. package/skills/argocd/argo-rollouts-progressive-delivery-review/SKILL.md +40 -0
  326. package/skills/argocd/argo-rollouts-progressive-delivery-review/metadata.json +22 -0
  327. package/skills/argocd/argo-rollouts-progressive-delivery-review/references/workflow-and-output.md +248 -0
  328. package/skills/argocd/argocd-gitops-review/SKILL.md +43 -0
  329. package/skills/argocd/argocd-gitops-review/metadata.json +30 -0
  330. package/skills/argocd/argocd-gitops-review/references/mcp-and-evidence.md +53 -0
  331. package/skills/argocd/argocd-gitops-review/references/official-sources.md +32 -0
  332. package/skills/argocd/argocd-gitops-review/references/workflow-and-output.md +120 -0
  333. package/skills/aws/README.md +3 -1
  334. package/skills/aws/aws-maestro/references/workflow-and-output.md +2 -0
  335. package/skills/aws/aws-private-ca-issuer-review/SKILL.md +39 -0
  336. package/skills/aws/aws-private-ca-issuer-review/metadata.json +21 -0
  337. package/skills/aws/aws-private-ca-issuer-review/references/official-sources.md +22 -0
  338. package/skills/aws/aws-private-ca-issuer-review/references/safety-checklist.md +30 -0
  339. package/skills/aws/aws-private-ca-issuer-review/references/workflow-and-output.md +214 -0
  340. package/skills/azure/README.md +3 -1
  341. package/skills/azure/azure-keyvault-certificate-issuer-review/SKILL.md +37 -0
  342. package/skills/azure/azure-keyvault-certificate-issuer-review/metadata.json +20 -0
  343. package/skills/azure/azure-keyvault-certificate-issuer-review/references/workflow-and-output.md +190 -0
  344. package/skills/azure/azure-live-entra-role-assignment-guard/SKILL.md +56 -0
  345. package/skills/azure/azure-live-entra-role-assignment-guard/metadata.json +28 -0
  346. package/skills/azure/azure-live-entra-role-assignment-guard/references/official-sources.md +21 -0
  347. package/skills/azure/azure-live-entra-role-assignment-guard/references/permission-model.md +70 -0
  348. package/skills/azure/azure-live-entra-role-assignment-guard/references/preflight-commands.md +69 -0
  349. package/skills/azure/azure-live-entra-role-assignment-guard/references/rollback-playbook.md +51 -0
  350. package/skills/backstage/backstage-scaffolder-template-review/SKILL.md +39 -0
  351. package/skills/backstage/backstage-scaffolder-template-review/metadata.json +21 -0
  352. package/skills/backstage/backstage-scaffolder-template-review/references/workflow-and-output.md +179 -0
  353. package/skills/cert-manager/cert-manager-issuer-trust-review/SKILL.md +40 -0
  354. package/skills/cert-manager/cert-manager-issuer-trust-review/metadata.json +22 -0
  355. package/skills/cert-manager/cert-manager-issuer-trust-review/references/workflow-and-output.md +222 -0
  356. package/skills/cilium/README.md +30 -0
  357. package/skills/cilium/cilium-network-policy-review/SKILL.md +43 -0
  358. package/skills/cilium/cilium-network-policy-review/metadata.json +30 -0
  359. package/skills/cilium/cilium-network-policy-review/references/mcp-and-evidence.md +52 -0
  360. package/skills/cilium/cilium-network-policy-review/references/official-sources.md +30 -0
  361. package/skills/cilium/cilium-network-policy-review/references/workflow-and-output.md +130 -0
  362. package/skills/falco/falco-runtime-threat-rules-review/SKILL.md +37 -0
  363. package/skills/falco/falco-runtime-threat-rules-review/metadata.json +22 -0
  364. package/skills/falco/falco-runtime-threat-rules-review/references/workflow-and-output.md +249 -0
  365. package/skills/finops/README.md +30 -0
  366. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/SKILL.md +40 -0
  367. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/metadata.json +22 -0
  368. package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/references/workflow-and-output.md +243 -0
  369. package/skills/istio/README.md +28 -0
  370. package/skills/istio/istio-ambient-mesh-review/SKILL.md +43 -0
  371. package/skills/istio/istio-ambient-mesh-review/metadata.json +30 -0
  372. package/skills/istio/istio-ambient-mesh-review/references/mcp-and-evidence.md +59 -0
  373. package/skills/istio/istio-ambient-mesh-review/references/official-sources.md +32 -0
  374. package/skills/istio/istio-ambient-mesh-review/references/workflow-and-output.md +128 -0
  375. package/skills/kubernetes/README.md +30 -0
  376. package/skills/kubernetes/external-secrets-operator-review/SKILL.md +37 -0
  377. package/skills/kubernetes/external-secrets-operator-review/metadata.json +22 -0
  378. package/skills/kubernetes/external-secrets-operator-review/references/workflow-and-output.md +280 -0
  379. package/skills/kubernetes/kubecost-chargeback-allocation-review/SKILL.md +40 -0
  380. package/skills/kubernetes/kubecost-chargeback-allocation-review/metadata.json +22 -0
  381. package/skills/kubernetes/kubecost-chargeback-allocation-review/references/workflow-and-output.md +215 -0
  382. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/SKILL.md +57 -0
  383. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/metadata.json +27 -0
  384. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/official-sources.md +18 -0
  385. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/permission-model.md +78 -0
  386. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/preflight-commands.md +81 -0
  387. package/skills/kubernetes/kubernetes-live-rbac-mutation-guard/references/rollback-playbook.md +61 -0
  388. package/skills/kubernetes/kubernetes-maestro/SKILL.md +45 -0
  389. package/skills/kubernetes/kubernetes-maestro/metadata.json +24 -0
  390. package/skills/kubernetes/kubernetes-maestro/references/safety-checklist.md +78 -0
  391. package/skills/kubernetes/kubernetes-maestro/references/workflow-and-output.md +206 -0
  392. package/skills/kubernetes/kubernetes-pod-security-admission-review/SKILL.md +43 -0
  393. package/skills/kubernetes/kubernetes-pod-security-admission-review/metadata.json +28 -0
  394. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/mcp-and-evidence.md +49 -0
  395. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/official-sources.md +26 -0
  396. package/skills/kubernetes/kubernetes-pod-security-admission-review/references/workflow-and-output.md +129 -0
  397. package/skills/kubernetes/kubernetes-pod-spec-review/SKILL.md +38 -0
  398. package/skills/kubernetes/kubernetes-pod-spec-review/metadata.json +22 -0
  399. package/skills/kubernetes/kubernetes-pod-spec-review/references/workflow-and-output.md +229 -0
  400. package/skills/kubernetes/kubernetes-rbac-review/SKILL.md +38 -0
  401. package/skills/kubernetes/kubernetes-rbac-review/metadata.json +27 -0
  402. package/skills/kubernetes/kubernetes-rbac-review/references/mcp-and-evidence.md +34 -0
  403. package/skills/kubernetes/kubernetes-rbac-review/references/official-sources.md +22 -0
  404. package/skills/kubernetes/kubernetes-rbac-review/references/workflow-and-output.md +44 -0
  405. package/skills/kubernetes/kubernetes-workload-identity-review/SKILL.md +43 -0
  406. package/skills/kubernetes/kubernetes-workload-identity-review/metadata.json +29 -0
  407. package/skills/kubernetes/kubernetes-workload-identity-review/references/mcp-and-evidence.md +57 -0
  408. package/skills/kubernetes/kubernetes-workload-identity-review/references/official-sources.md +47 -0
  409. package/skills/kubernetes/kubernetes-workload-identity-review/references/workflow-and-output.md +166 -0
  410. package/skills/kyverno/README.md +30 -0
  411. package/skills/kyverno/kyverno-policy-review/SKILL.md +43 -0
  412. package/skills/kyverno/kyverno-policy-review/metadata.json +30 -0
  413. package/skills/kyverno/kyverno-policy-review/references/mcp-and-evidence.md +49 -0
  414. package/skills/kyverno/kyverno-policy-review/references/official-sources.md +31 -0
  415. package/skills/kyverno/kyverno-policy-review/references/workflow-and-output.md +106 -0
  416. package/skills/oci/README.md +63 -0
  417. package/skills/oci/oci-certificates-issuer-review/SKILL.md +37 -0
  418. package/skills/oci/oci-certificates-issuer-review/metadata.json +20 -0
  419. package/skills/oci/oci-certificates-issuer-review/references/workflow-and-output.md +207 -0
  420. package/skills/oci/oci-live-network-security-rule-guard/SKILL.md +57 -0
  421. package/skills/oci/oci-live-network-security-rule-guard/metadata.json +28 -0
  422. package/skills/oci/oci-live-network-security-rule-guard/references/official-sources.md +21 -0
  423. package/skills/oci/oci-live-network-security-rule-guard/references/permission-model.md +65 -0
  424. package/skills/oci/oci-live-network-security-rule-guard/references/preflight-commands.md +69 -0
  425. package/skills/oci/oci-live-network-security-rule-guard/references/rollback-playbook.md +79 -0
  426. package/skills/opentelemetry/README.md +31 -0
  427. package/skills/opentelemetry/opentelemetry-collector-config-review/SKILL.md +44 -0
  428. package/skills/opentelemetry/opentelemetry-collector-config-review/metadata.json +30 -0
  429. package/skills/opentelemetry/opentelemetry-collector-config-review/references/mcp-and-evidence.md +49 -0
  430. package/skills/opentelemetry/opentelemetry-collector-config-review/references/official-sources.md +31 -0
  431. package/skills/opentelemetry/opentelemetry-collector-config-review/references/workflow-and-output.md +155 -0
  432. package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +38 -0
  433. package/skills/prometheus/prometheus-alerting-cardinality-review/metadata.json +22 -0
  434. package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +221 -0
  435. package/skills/sigstore/sigstore-cosign-supply-chain-review/SKILL.md +39 -0
  436. package/skills/sigstore/sigstore-cosign-supply-chain-review/metadata.json +22 -0
  437. package/skills/sigstore/sigstore-cosign-supply-chain-review/references/workflow-and-output.md +196 -0
  438. package/skills/terraform/README.md +29 -0
  439. package/skills/velero/velero-backup-restore-guard/SKILL.md +41 -0
  440. package/skills/velero/velero-backup-restore-guard/metadata.json +21 -0
  441. package/skills/velero/velero-backup-restore-guard/references/safety-checklist.md +40 -0
  442. package/skills/velero/velero-backup-restore-guard/references/workflow-and-output.md +202 -0
package/skills/fluxcd/fluxcd-kustomization-helmrelease-review/references/workflow-and-output.md ADDED
@@ -0,0 +1,243 @@
1
+ # Workflow and output contract
2
+
3
+ Use this reference only when performing a full FluxCD Kustomization or HelmRelease review, producing implementation guidance, triaging a GitOps drift incident, or completing a production-readiness pass.
4
+
5
+ ## Review domains
6
+
7
+ Check these areas before giving a verdict:
8
+
9
+ - `GitRepository` source trust: commit signature verification, semver pinning, SOPS decryption config
10
+ - `Kustomization` ServiceAccount scoping, prune safety, and health check completeness
11
+ - `HelmRelease` chart version pinning, upgrade remediation strategy, and timeout settings
12
+ - `HelmRepository` and `OCIRepository` source authentication and trust
13
+ - SOPS encryption status: whether Secret manifests in Git are encrypted
14
+ - Multi-tenant ServiceAccount isolation: whether tenant Kustomizations use scoped SAs
15
+
16
+ ## Safe workflow
17
+
18
+ 1. **Frame scope**
19
+ - Cluster name and environment (dev / staging / production):
20
+ - Flux version (`flux version`):
21
+ - Number of Kustomizations and HelmReleases under review:
22
+ - Multi-tenant mode in use (yes / no):
23
+ - Required outcome:
24
+ - Explicit non-goals:
25
+
26
+ 2. **Collect evidence**
27
+ - Prefer user-provided sanitized resource YAML as primary evidence.
28
+ - Supplement with `flux get all -A` and `flux get sources all -A` output if available.
29
+ - Label each finding as `live evidence`, `user-provided evidence`, `documentation-based`, or `inference`.
30
+
31
+ 3. **Assess GitRepository source trust**
32
+ Review `spec.ref` type and value, signature verification, and interval:
33
+ ```yaml
34
+ apiVersion: source.toolkit.fluxcd.io/v1
35
+ kind: GitRepository
36
+ metadata:
37
+ name: fleet-infra
38
+ namespace: flux-system
39
+ spec:
40
+ interval: 1m
41
+ url: https://github.com/org/fleet-infra
42
+ ref:
43
+ # SAFE: pinned branch
44
+ branch: main
45
+ # HIGH risk: unbound semver — any tag triggers deploy
46
+ # semver: ">=0.0.0"
47
+ verify:
48
+ # REQUIRED for production: commit GPG signature verification
49
+ mode: HEAD
50
+ secretRef:
51
+ name: pgp-public-keys
52
+ ```
53
+ Absence of `spec.verify.secretRef` on a production source is a HIGH finding.
54
+ `spec.ref.semver: ">=0.0.0"` is a HIGH finding.
55
+
56
+ 4. **Verify SOPS encryption**
57
+ Check whether `Secret` kind manifests exist in the Git repository unencrypted:
58
+ ```bash
59
+ # Find unencrypted Secret manifests in the repo
60
+ grep -rl 'kind: Secret' . | xargs grep -L 'sops:'
61
+
62
+ # CORRECT: SOPS-encrypted secret — sops: field present
63
+ apiVersion: v1
64
+ kind: Secret
65
+ metadata:
66
+ name: db-credentials
67
+ sops:
68
+ kms:
69
+ - arn: arn:aws:kms:us-east-1:111122223333:key/...
70
+ data:
71
+ password: ENC[AES256_GCM,data:...,type:str]
72
+
73
+ # CRITICAL: plaintext secret committed to Git
74
+ apiVersion: v1
75
+ kind: Secret
76
+ data:
77
+ password: cGFzc3dvcmQ= # base64 only — trivially decodable
78
+ ```
79
+ Any plaintext `Secret` manifest in a Git source is a CRITICAL finding.
80
+
81
+ 5. **Assess Kustomization ServiceAccount and prune settings**
82
+ ```yaml
83
+ apiVersion: kustomize.toolkit.fluxcd.io/v1
84
+ kind: Kustomization
85
+ metadata:
86
+ name: tenant-a-workloads
87
+ namespace: flux-system
88
+ spec:
89
+ interval: 5m
90
+ path: ./clusters/prod/tenant-a
91
+ prune: true
92
+ # REQUIRED: scoped SA — otherwise kustomize-controller SA (cluster-admin) is used
93
+ serviceAccountName: tenant-a-reconciler
94
+ sourceRef:
95
+ kind: GitRepository
96
+ name: fleet-infra
97
+ healthChecks:
98
+ - apiVersion: apps/v1
99
+ kind: Deployment
100
+ name: api-server
101
+ namespace: tenant-a
102
+ ```
103
+ Missing `serviceAccountName` is a HIGH finding. `prune: true` on a Kustomization covering
104
+ StatefulSets or PVCs without prune-disabled annotations is a HIGH finding.
105
+ Missing `healthChecks` means Flux reports Applied even when Deployments are crash-looping.
106
+
107
+ 6. **Protect stateful resources from prune**
108
+ ```yaml
109
+ # Add this annotation to any resource that must never be pruned
110
+ metadata:
111
+ annotations:
112
+ kustomize.toolkit.fluxcd.io/prune: disabled
113
+ ```
114
+ Review whether CRDs, PVCs, and namespaces containing production databases carry this annotation
115
+ when `spec.prune: true` is set on the parent Kustomization.
116
+
117
+ 7. **Assess HelmRelease version pinning and remediation**
118
+ ```yaml
119
+ apiVersion: helm.toolkit.fluxcd.io/v2
120
+ kind: HelmRelease
121
+ metadata:
122
+ name: nginx-ingress
123
+ namespace: ingress-nginx
124
+ spec:
125
+ interval: 10m
126
+ chart:
127
+ spec:
128
+ chart: ingress-nginx
129
+ # SAFE: pinned version
130
+ version: "4.9.1"
131
+ # HIGH risk: floating version — any new chart triggers auto-upgrade
132
+ # version: "*"
133
+ sourceRef:
134
+ kind: HelmRepository
135
+ name: ingress-nginx
136
+ upgrade:
137
+ remediation:
138
+ # SAFE: bounded retries
139
+ retries: 3
140
+ remediateLastFailure: true
141
+ # MEDIUM risk: infinite retries block reconciliation loops
142
+ # retries: -1
143
+ timeout: 5m
144
+ ```
145
+
146
+ 8. **Check multi-tenant isolation**
147
+ In a multi-tenant Flux setup, each tenant namespace should have a dedicated ServiceAccount
148
+ with scoped RBAC:
149
+ ```yaml
150
+ apiVersion: v1
151
+ kind: ServiceAccount
152
+ metadata:
153
+ name: tenant-a-reconciler
154
+ namespace: tenant-a
155
+ ---
156
+ apiVersion: rbac.authorization.k8s.io/v1
157
+ kind: RoleBinding
158
+ metadata:
159
+ name: tenant-a-reconciler
160
+ namespace: tenant-a
161
+ subjects:
162
+ - kind: ServiceAccount
163
+ name: tenant-a-reconciler
164
+ namespace: tenant-a
165
+ roleRef:
166
+ kind: ClusterRole
167
+ name: edit
168
+ apiGroup: rbac.authorization.k8s.io
169
+ ```
170
+ If all Kustomizations use the default `flux-system/kustomize-controller` SA, any tenant's Git
171
+ source compromise gives cluster-admin-equivalent write to the entire cluster.
172
+
173
+ 9. **Validate Flux health**
174
+ ```bash
175
+ # Check overall Flux reconciliation status
176
+ flux get all -A
177
+
178
+ # Check specific Kustomization
179
+ flux get kustomization <name> -n flux-system
180
+
181
+ # Check HelmRelease status
182
+ flux get helmrelease <name> -n <namespace>
183
+
184
+ # Check GitRepository source
185
+ flux get source git <name> -n flux-system
186
+
187
+ # Force reconciliation for testing
188
+ flux reconcile kustomization <name> --with-source
189
+
190
+ # Verify commit signature verification config
191
+ kubectl get gitrepository <name> -n flux-system -o jsonpath='{.spec.verify}'
192
+ ```
193
+
194
+ ## Output contract
195
+
196
+ Return this structure:
197
+
198
+ ```markdown
199
+ # FluxCD Kustomization and HelmRelease Review: <scope>
200
+
201
+ ## Executive verdict
202
+ - Status: READY / READY WITH RISKS / NOT READY / NEEDS EVIDENCE
203
+ - Biggest risk:
204
+ - Evidence level:
205
+
206
+ ## Scope and assumptions
207
+ - Cluster / namespace:
208
+ - Flux version:
209
+ - Resources reviewed:
210
+ - Confirmed:
211
+ - Unknown:
212
+ - Out of scope:
213
+
214
+ ## Findings
215
+
216
+ | Severity | Resource | Field | Finding | Evidence | Why it matters | Minimum safe action |
217
+ |---|---|---|---|---|---|---|
218
+
219
+ ## Source trust summary
220
+
221
+ | Source name | Kind | Ref type | Commit verification | SOPS enabled |
222
+ |---|---|---|---|---|
223
+
224
+ ## Kustomization summary
225
+
226
+ | Name | Namespace | ServiceAccount | Prune | Health checks |
227
+ |---|---|---|---|---|
228
+
229
+ ## HelmRelease summary
230
+
231
+ | Name | Chart version | Upgrade retries | Timeout |
232
+ |---|---|---|---|
233
+
234
+ ## Recommended actions
235
+ 1. <action> — owner: <owner>, validation: <check>, rollback: <rollback>
236
+
237
+ ## Validation
238
+ - Commands or checks:
239
+ - Expected result:
240
+
241
+ ## Residual risk
242
+ - <risk or explicit none>
243
+ ```
package/skills/istio/README.md ADDED
@@ -0,0 +1,28 @@
1
+ # 🕸️ Istio Skills
2
+
3
+ <p align="center">
4
+ <!-- 🖼️ Add an Istio logo to assets/logos/cnative/istio/ and update this path -->
5
+ <span style="font-size:3.5em">🕸️</span>
6
+ </p>
7
+
8
+ This folder contains Istio-focused skills curated for this marketplace.
9
+
10
+ ## Local marketplace portfolio
11
+
12
+ This folder contains **1** local Istio skill:
13
+
14
+ - `istio-ambient-mesh-review`
15
+
16
+ ## Portfolio posture
17
+
18
+ Istio skills for evidence-backed service mesh review covering both **sidecar mode** and **ambient mode** (ztunnel + optional waypoint proxies). Ambient mode introduces a layered architecture where L4 zero-trust is enforced at ztunnel and L7 features require an explicit waypoint deployment.
19
+
20
+ These skills are intentionally conservative:
21
+
22
+ - prefer `kubectl get peerauthentication,authorizationpolicy,gateway,virtualservice,destinationrule,sidecar -A -o yaml` for live mesh state grounding before any review
23
+ - treat **L7 `AuthorizationPolicy` rules in ambient mode without a waypoint** as a critical finding — the L7 fields are silently ignored when ztunnel handles the traffic alone
24
+ - challenge `PeerAuthentication` with `mode: PERMISSIVE` or `DISABLE` in production — mTLS must be `STRICT`
25
+ - challenge mesh-wide `PeerAuthentication` changes — the blast radius is the whole mesh
26
+ - use official Istio documentation (istio.io) for ambient architecture, ztunnel internals, waypoint placement, HBONE protocol, and `AuthorizationPolicy` semantic differences between sidecar and ambient modes
27
+
28
+ Run `npm run validate` after changing cataloged Istio skills.
package/skills/istio/istio-ambient-mesh-review/SKILL.md ADDED
@@ -0,0 +1,43 @@
1
+ ---
2
+ name: istio-ambient-mesh-review
3
+ description: Use this skill for Istio service mesh review across both sidecar mode and ambient mode (ztunnel L4 + optional waypoint L7). Covers PeerAuthentication, AuthorizationPolicy, RequestAuthentication, Gateway, VirtualService, DestinationRule, Sidecar, and waypoint placement. Trigger when the user asks whether an Istio policy is correct, whether mTLS is strict, whether L7 AuthorizationPolicy will actually be enforced in ambient mode, or whether a mesh-wide PeerAuthentication change is safe.
4
+ metadata:
5
+ author: "github: Raishin"
6
+ version: "0.1.0"
7
+ ---
8
+
9
+ # Istio Ambient Mesh Review
10
+
11
+ ## Purpose
12
+
13
+ Review Istio configuration against zero-trust correctness and the most common ambient-mode trap: **L7 `AuthorizationPolicy` rules silently ignored when no waypoint is deployed**. Ambient mode uses ztunnel for L4 zero-trust on every node, but L7 features (HTTP method, path, JWT claim matching, request header inspection) require an explicit waypoint proxy. Without one, the L7 rules in the policy are accepted but never enforced.
14
+
15
+ ## Lean operating rules
16
+
17
+ - Prefer live cluster evidence (`kubectl get peerauthentication,authorizationpolicy,requestauthentication,gateway,virtualservice,destinationrule,sidecar -A -o yaml` plus `istioctl analyze` and `istioctl x ztunnel-config`) when the active client exposes it; otherwise fall back to official Istio documentation (istio.io) and sanitized YAML.
18
+ - Separate confirmed facts from inference. If mesh mode (sidecar vs ambient), waypoint deployment, and namespace labels were not queried, say so.
19
+ - **Ambient L7 policy without a waypoint is a critical finding** — the policy looks active, the API server accepts it, but ztunnel only enforces L4. The L7 fields are silently bypassed.
20
+ - Treat `PeerAuthentication` with `mode: PERMISSIVE` or `mode: DISABLE` in production as a critical finding — mTLS is the foundation of mesh zero-trust.
21
+ - Treat any mesh-wide (root namespace) `PeerAuthentication` change as a critical-blast-radius finding — the entire mesh is affected at once.
22
+ - Challenge `AuthorizationPolicy` with `action: ALLOW` and broad `from` selectors — the default action when no policy is provisioned is ALLOW, so the only thing that creates zero-trust is a deny policy or an explicit ALLOW with bounded scope.
23
+ - Challenge `RequestAuthentication` JWKs URL changes — JWT validation depends on this.
24
+ - Keep the answer scoped, reversible, least-privilege, and explicit about blockers or unknowns.
25
+
26
+ ## References
27
+
28
+ Load these only when needed:
29
+
30
+ - [Evidence path and tooling](references/mcp-and-evidence.md) — use when choosing live cluster evidence, confirming mesh mode and waypoint deployment, or switching to documentation mode.
31
+ - [Workflow and output contract](references/workflow-and-output.md) — use when executing the full review, applying ambient/sidecar stress checks, or formatting the final answer.
32
+ - [Official sources](references/official-sources.md) — use when you need the detailed Istio documentation list, ambient mode internals, and grounded insights.
33
+
34
+ ## Response minimum
35
+
36
+ Return, at minimum:
37
+
38
+ - the scoped target (mesh-wide vs namespace-scoped vs workload-scoped) and evidence level,
39
+ - the mesh mode (sidecar, ambient, mixed) and the waypoint deployment state for the workloads involved,
40
+ - the mTLS posture (`STRICT` / `PERMISSIVE` / `DISABLE`) on PeerAuthentication,
41
+ - the AuthorizationPolicy enforcement layer (L4 ztunnel-enforced vs L7 waypoint-enforced) and whether L7 rules will actually run,
42
+ - the safest next actions and rollback plan,
43
+ - the assumptions or blockers that prevent stronger conclusions.
package/skills/istio/istio-ambient-mesh-review/metadata.json ADDED
@@ -0,0 +1,30 @@
1
+ {
2
+ "id": "istio-ambient-mesh-review",
3
+ "name": "Istio Ambient Mesh Review",
4
+ "type": "skill",
5
+ "provider": "istio",
6
+ "harnesses": [
7
+ "codex",
8
+ "claude-code",
9
+ "cursor",
10
+ "gemini",
11
+ "kiro",
12
+ "other"
13
+ ],
14
+ "summary": "Review Istio service mesh configuration across both sidecar mode and ambient mode (ztunnel + waypoint), with focus on the ambient L7 policy trap, PeerAuthentication mTLS posture, AuthorizationPolicy enforcement layer, and mesh-wide blast radius.",
15
+ "source_type": "original",
16
+ "official_docs": [
17
+ "https://istio.io/latest/docs/",
18
+ "https://istio.io/latest/docs/ambient/overview/",
19
+ "https://istio.io/latest/docs/ambient/usage/l4-policy/",
20
+ "https://istio.io/latest/docs/ambient/usage/waypoint/",
21
+ "https://istio.io/latest/docs/overview/dataplane-modes/",
22
+ "https://istio.io/latest/docs/reference/config/security/peer_authentication/",
23
+ "https://istio.io/latest/docs/reference/config/security/authorization-policy/"
24
+ ],
25
+ "security_notes": "L7 AuthorizationPolicy rules in ambient mode are silently ignored when no waypoint is deployed — ztunnel only enforces L4. PeerAuthentication PERMISSIVE or DISABLE in production breaks mesh zero-trust. Mesh-wide root-namespace PeerAuthentication change has cluster-wide blast radius.",
26
+ "last_verified": "2026-05-01",
27
+ "path": "skills/istio/istio-ambient-mesh-review",
28
+ "author": "github: Raishin",
29
+ "version": "0.1.0"
30
+ }
package/skills/istio/istio-ambient-mesh-review/references/mcp-and-evidence.md ADDED
@@ -0,0 +1,59 @@
1
+ # Evidence Path and Tooling
2
+
3
+ ## Evidence path
4
+
5
+ 1. Prefer live cluster evidence when a Kubernetes MCP server, `kubectl`, and `istioctl` are available against the mesh's primary cluster.
6
+ 2. Fall back to the official Istio documentation (istio.io) for ambient/sidecar architecture, policy semantics, and CRD schema when live inspection is unavailable.
7
+ 3. Ask only for sanitized YAML for the affected resources (`PeerAuthentication`, `AuthorizationPolicy`, `RequestAuthentication`, `Gateway`, `VirtualService`, `DestinationRule`, `Sidecar`, namespace labels) when current-state proof matters.
8
+ 4. Label conclusions as `live evidence`, `documentation-based`, `sanitized user evidence`, or `inference`.
9
+
10
+ ## Useful live-evidence commands
11
+
12
+ ```shell
13
+ # All Istio security and traffic policies across the cluster
14
+ kubectl get peerauthentication,authorizationpolicy,requestauthentication,gateway,virtualservice,destinationrule,sidecar -A -o yaml
15
+
16
+ # Confirm mesh mode (ambient vs sidecar) — namespace labels
17
+ kubectl get namespaces --show-labels | grep -E 'istio.io/dataplane-mode|istio-injection'
18
+
19
+ # Ambient: list waypoint deployments and bindings
20
+ kubectl get gateways.gateway.networking.k8s.io -A -l istio.io/waypoint-for
21
+ kubectl get pods -A -l gateway.networking.k8s.io/gateway-name
22
+
23
+ # Inspect ztunnel state on each node
24
+ kubectl -n istio-system get daemonset ztunnel
25
+ istioctl x ztunnel-config workload # what ztunnel sees as in-mesh workloads
26
+ istioctl x ztunnel-config policies # what L4 policies ztunnel is enforcing
27
+ istioctl x ztunnel-config services # service-to-workload mapping
28
+
29
+ # Validate proposed changes before applying
30
+ istioctl analyze -n <namespace>
31
+ istioctl analyze --recursive .
32
+
33
+ # For sidecar mode: which workloads have sidecars injected
34
+ kubectl get pods -A -o jsonpath='{range .items[?(@.metadata.annotations.sidecar\.istio\.io/inject!="false")]}{.metadata.namespace}/{.metadata.name}{"\n"}{end}'
35
+
36
+ # Inspect effective policy at a specific workload
37
+ istioctl proxy-config listener <pod>.<namespace>
38
+ istioctl proxy-config cluster <pod>.<namespace>
39
+ istioctl authz check <pod>.<namespace>
40
+
41
+ # Mesh control-plane state
42
+ kubectl -n istio-system get deploy istiod -o yaml
43
+ istioctl version
44
+ istioctl proxy-status
45
+ ```
46
+
47
+ ## Mesh state to confirm before review
48
+
49
+ - **Mesh mode per namespace** — sidecar (`istio-injection=enabled`), ambient (`istio.io/dataplane-mode=ambient`), or none. A single mesh can mix modes; conclusions differ.
50
+ - **Waypoint deployment for ambient namespaces** — `kubectl get gateways.gateway.networking.k8s.io -n <namespace> -l istio.io/waypoint-for`. Without a waypoint, L7 AuthorizationPolicy rules in that namespace are not enforced.
51
+ - **Istio version** (`istioctl version`) — ambient went GA in 1.24; older versions have different semantics.
52
+ - **Whether `PeerAuthentication` exists in the mesh root namespace** (default `istio-system` or whatever `meshConfig.rootNamespace` points to). Mesh-wide policies live there.
53
+ - **Whether multi-cluster (multi-primary or primary-remote)** is in use — `AuthorizationPolicy` evaluation crosses cluster boundaries when mesh networking is configured.
54
+
55
+ ## Sanitization rules
56
+
57
+ - Never request kubeconfig contents, mesh root CA private keys, JWKs private keys, or workload service-account tokens.
58
+ - Replace identifiable cluster URLs, JWT issuer URLs (when sensitive), and namespace names with placeholders unless the user provides them.
59
+ - Do not print Istio root CA certificates beyond their public certificate body.
package/skills/istio/istio-ambient-mesh-review/references/official-sources.md ADDED
@@ -0,0 +1,32 @@
1
+ # Official Sources
2
+
3
+ Load these only when needed:
4
+
5
+ - [Istio documentation home](https://istio.io/latest/docs/) — use as the entry point for any Istio question.
6
+ - [Choosing between sidecar and ambient](https://istio.io/latest/docs/overview/dataplane-modes/) — use when deciding mesh mode or auditing a mixed-mode mesh.
7
+ - [Ambient mode overview](https://istio.io/latest/docs/ambient/overview/) — use for the layered architecture (ztunnel L4 + optional waypoint L7), HBONE protocol, and zero-trust posture.
8
+ - [L4 Authorization Policy in ambient](https://istio.io/latest/docs/ambient/usage/l4-policy/) — use for the L4-only fields ztunnel enforces and the default-ALLOW behavior.
9
+ - [Waypoint configuration](https://istio.io/latest/docs/ambient/usage/waypoint/) — use for waypoint deployment, binding via `istio.io/use-waypoint`, and the L7 features that require it.
10
+ - [PeerAuthentication API reference](https://istio.io/latest/docs/reference/config/security/peer_authentication/) — use for `STRICT` / `PERMISSIVE` / `DISABLE` semantics, mesh-wide vs namespace-scoped vs workload-scoped placement, and port-level overrides.
11
+ - [AuthorizationPolicy API reference](https://istio.io/latest/docs/reference/config/security/authorization-policy/) — use for `ALLOW` / `DENY` / `AUDIT` / `CUSTOM` actions, evaluation order, source/destination matchers, and L4 vs L7 field semantics.
12
+ - [RequestAuthentication API reference](https://istio.io/latest/docs/reference/config/security/request_authentication/) — use for JWT validation, `jwksUri`, `issuer`, `audiences`, `forwardOriginalToken`.
13
+ - [Gateway API reference](https://istio.io/latest/docs/reference/config/networking/gateway/) — use for ingress/egress gateway TLS modes, port configuration, and `credentialName` SDS pattern.
14
+ - [VirtualService API reference](https://istio.io/latest/docs/reference/config/networking/virtual-service/) — use for `match`, `rewrite`, `redirect`, `route` weighting, fault injection, retry, timeout.
15
+ - [DestinationRule API reference](https://istio.io/latest/docs/reference/config/networking/destination-rule/) — use for client-side mTLS, load balancing, connection pool, outlier detection, subset definitions.
16
+ - [Sidecar API reference](https://istio.io/latest/docs/reference/config/networking/sidecar/) — use for narrowing sidecar `egress.hosts` and reducing config-distribution overhead.
17
+ - [Multi-cluster setup guides](https://istio.io/latest/docs/setup/install/multicluster/) — use when the mesh spans clusters (multi-primary, primary-remote, multi-network).
18
+ - [istioctl reference](https://istio.io/latest/docs/reference/commands/istioctl/) — use for `istioctl analyze`, `istioctl x ztunnel-config`, `istioctl proxy-config`, `istioctl authz check`.
19
+ - [Istio Releases](https://istio.io/latest/news/releases/) — use when version-specific features matter (ambient GA in 1.24, waypoint API stabilization, etc.).
20
+
21
+ ## Grounded insights worth carrying into the skill
22
+
23
+ - Ambient mode is a **layered architecture**: ztunnel handles L4 zero-trust for every pod in the mesh by default, and waypoint proxies are added only for the workloads that need L7 features (HTTP method/path matching, JWT claim authorization, request header inspection, traffic management).
24
+ - **An L7 `AuthorizationPolicy` rule on an ambient namespace with no waypoint is silently ignored.** The API server accepts the policy, but ztunnel only enforces L4 fields. This is the most-cited operational trap in ambient mode.
25
+ - The default action when no `AuthorizationPolicy` exists is **ALLOW**. Zero-trust posture requires explicit `DENY` policies or narrow `ALLOW` policies that collectively leave nothing reachable. `DENY` is evaluated before `ALLOW`.
26
+ - `PeerAuthentication` mTLS modes inherit from mesh → namespace → workload, with the most-specific policy winning. A mesh-wide `STRICT` policy can be locally weakened by a workload-scoped `DISABLE` policy on a specific port.
27
+ - Ambient mode requires **no pod restart** to add a workload to the mesh — labeling the namespace `istio.io/dataplane-mode=ambient` is sufficient. This is operationally simpler than sidecar injection but means changes can propagate faster than reviewers expect.
28
+ - The mesh root namespace (default `istio-system`, configurable via `meshConfig.rootNamespace`) is the only place where mesh-wide `PeerAuthentication` and `AuthorizationPolicy` can be authored. Anything there has cluster-wide blast radius.
29
+ - Waypoint placement uses Gateway API resources (`gateways.gateway.networking.k8s.io`) labeled `istio.io/waypoint-for`. A namespace-level waypoint protects all workloads in the namespace; a ServiceAccount-level waypoint protects all workloads using that SA; a workload-level waypoint binds via `istio.io/use-waypoint` annotation.
30
+ - ztunnel uses the **HBONE protocol** (HTTP/2 over mTLS, port 15008) for ztunnel-to-ztunnel communication. Network policy that blocks 15008 between nodes will break ambient mesh traffic.
31
+ - Sidecar mode and ambient mode workloads can communicate within one mesh — Istio bridges between them transparently. Ambient pods see sidecar pod connections as mTLS-authenticated peers.
32
+ - `istioctl analyze` runs the same checks Istiod runs at startup and is the safest pre-apply validator. CI pipelines should run it on every Istio config change.
package/skills/istio/istio-ambient-mesh-review/references/workflow-and-output.md ADDED
@@ -0,0 +1,128 @@
1
+ # Workflow and Output Contract
2
+
3
+ ## Workflow
4
+
5
+ ### Step 1 — Identify mesh mode for the affected namespaces
6
+
7
+ Istio supports three deployment modes that can coexist in one mesh. The review path differs based on mode.
8
+
9
+ 1. **Sidecar mode** — pods have an Envoy sidecar injected. Namespace labeled `istio-injection=enabled`. All policy is enforced at the sidecar.
10
+ 2. **Ambient mode** — no sidecars; ztunnel runs as a per-node DaemonSet for L4 zero-trust + optional waypoint proxies for L7. Namespace labeled `istio.io/dataplane-mode=ambient`.
11
+ 3. **Mixed** — some workloads in a namespace use sidecars, others use ambient. Verify per-pod with annotations.
12
+
13
+ Reference: [Choosing between sidecar and ambient](https://istio.io/latest/docs/overview/dataplane-modes/) and [Ambient mode overview](https://istio.io/latest/docs/ambient/overview/).
14
+
15
+ ### Step 2 — Confirm waypoint deployment for ambient namespaces (the L7 trap)
16
+
17
+ This is the most important ambient-specific check. Without a waypoint, L7 `AuthorizationPolicy` rules are silently ignored.
18
+
19
+ 1. List waypoints: `kubectl get gateways.gateway.networking.k8s.io -n <namespace> -l istio.io/waypoint-for`.
20
+ 2. Confirm the waypoint binding label on the namespace, ServiceAccount, or workload (`istio.io/use-waypoint: <waypoint-name>`).
21
+ 3. Cross-reference any `AuthorizationPolicy` that uses L7 fields (`to.operation.methods`, `to.operation.paths`, `to.operation.hosts`, `when` keys for `request.headers`, `request.auth.claims`) — if no waypoint is bound to the workload, **the L7 rules are accepted by the API server but never enforced**.
22
+
23
+ The L4 fields that ztunnel enforces without a waypoint:
24
+
25
+ - `from.source.principals` (SPIFFE identities — the workload's ServiceAccount mTLS identity)
26
+ - `from.source.namespaces`
27
+ - `to.operation.ports`
28
+ - `when` keys: `source.principal`, `source.namespace`, `destination.port`, `connection.sni`
29
+
30
+ Reference: [L4 Authorization Policy in ambient](https://istio.io/latest/docs/ambient/usage/l4-policy/) and [Waypoint configuration](https://istio.io/latest/docs/ambient/usage/waypoint/).
31
+
32
+ ### Step 3 — Audit `PeerAuthentication`
33
+
34
+ `PeerAuthentication` controls workload-to-workload mTLS. Three modes exist with very different security properties:
35
+
36
+ 1. **`STRICT`** — all peer connections must use mTLS. Plaintext connections are rejected. Production target.
37
+ 2. **`PERMISSIVE`** — accepts both mTLS and plaintext. Useful only during migration.
38
+ 3. **`DISABLE`** — disables mTLS. Plaintext only.
39
+
40
+ Stress-tests:
41
+
42
+ - **Mesh-wide PeerAuthentication** lives in the mesh root namespace (default `istio-system`). A change here affects every workload in every namespace simultaneously. Treat as critical-blast-radius.
43
+ - **Namespace-scoped PeerAuthentication** with `mode: PERMISSIVE` in production is a finding — there is no migration in progress; this is technical debt.
44
+ - **Workload-scoped PeerAuthentication** with `mode: DISABLE` for a specific port (e.g., a health-check port) is sometimes legitimate but always requires justification.
45
+ - A namespace with **no `PeerAuthentication`** inherits mesh-wide. If mesh-wide is `PERMISSIVE`, the namespace is also `PERMISSIVE`.
46
+
47
+ Reference: [PeerAuthentication API](https://istio.io/latest/docs/reference/config/security/peer_authentication/).
48
+
49
+ ### Step 4 — Audit `AuthorizationPolicy`
50
+
51
+ `AuthorizationPolicy` controls who can talk to whom. Default action when no policy exists is **ALLOW** — there is no implicit deny. Zero-trust requires explicit deny policies or explicit narrow ALLOW policies that combine to leave nothing reachable by default.
52
+
53
+ Three actions: `ALLOW`, `DENY`, `CUSTOM`, `AUDIT`.
54
+
55
+ 1. **`DENY` policies are evaluated first**, then `ALLOW`. If multiple match, DENY wins.
56
+ 2. **Empty `rules` with `action: DENY`** denies everything — total lockdown.
57
+ 3. **`action: ALLOW` with no `from` block** allows from anywhere — only useful for narrowing by `to`.
58
+ 4. **`action: ALLOW` with `from.source.principals: ['*']`** is also "anywhere" — no practical narrowing.
59
+
60
+ Stress-tests:
61
+
62
+ - An `AuthorizationPolicy` with `action: ALLOW` and `from.source.namespaces: ['*']` is a documentation-only deny — it allows all and denies none.
63
+ - L7 fields (`to.operation.methods`, `request.auth.claims`) in ambient mode without a waypoint are silently bypassed.
64
+ - `action: AUDIT` is a logging-only mode that does not enforce — use only for migration.
65
+ - Multi-cluster mesh: `AuthorizationPolicy` in one cluster can affect workloads called from another cluster; verify mesh networking topology.
66
+
67
+ Reference: [AuthorizationPolicy API](https://istio.io/latest/docs/reference/config/security/authorization-policy/).
68
+
69
+ ### Step 5 — Audit `RequestAuthentication`
70
+
71
+ `RequestAuthentication` defines JWT validation — `jwksUri`, `issuer`, `audiences`, `forwardOriginalToken`. Key concerns:
72
+
73
+ 1. **JWKs URI rotation** — if the issuer rotates signing keys, Istio caches the JWKs response. The `jwksUri` URL must remain reachable; outages here cause every JWT to fail.
74
+ 2. **`forwardOriginalToken: true`** with sensitive JWTs forwards the bearer token to backend services — they must be trusted.
75
+ 3. **`audiences: []` or missing** — accepts JWTs intended for any audience. Cross-service token replay risk.
76
+ 4. **Multiple `RequestAuthentication` for the same workload** — Istio combines them. A misconfigured second one can weaken a strict first one.
77
+
78
+ Reference: [RequestAuthentication API](https://istio.io/latest/docs/reference/config/security/request_authentication/).
79
+
80
+ ### Step 6 — Audit `Gateway`, `VirtualService`, `DestinationRule`, `Sidecar`
81
+
82
+ Traffic routing concerns:
83
+
84
+ - **`Gateway` with `tls.mode: SIMPLE` and no `credentialName`** — broken or insecure TLS termination.
85
+ - **`Gateway` with `tls.mode: PASSTHROUGH`** plus L7 routing in `VirtualService` — incompatible (passthrough cannot be inspected).
86
+ - **`VirtualService.http.route` with `weight`-based traffic split** — verify total weights sum to 100; otherwise traffic is dropped.
87
+ - **`DestinationRule.trafficPolicy.tls.mode: DISABLE`** on production destinations — disables Istio-side mTLS to the destination.
88
+ - **`Sidecar` resource with `egress.hosts: ['*/*']`** — disables egress restriction.
89
+
90
+ Reference: [Gateway API](https://istio.io/latest/docs/reference/config/networking/gateway/), [VirtualService API](https://istio.io/latest/docs/reference/config/networking/virtual-service/), [DestinationRule API](https://istio.io/latest/docs/reference/config/networking/destination-rule/), [Sidecar API](https://istio.io/latest/docs/reference/config/networking/sidecar/).
91
+
92
+ ### Step 7 — Validate with `istioctl analyze`
93
+
94
+ `istioctl analyze` runs the same checks the control plane runs and surfaces structural problems. Run it on the proposed YAML before applying:
95
+
96
+ ```shell
97
+ istioctl analyze -n <namespace> # one namespace
98
+ istioctl analyze --all-namespaces # whole mesh
99
+ istioctl analyze --recursive ./manifests/ # offline against files
100
+ ```
101
+
102
+ Common findings:
103
+
104
+ - `IST0101` — referenced resource not found (e.g., `VirtualService` references a missing host).
105
+ - `IST0118` — port name not following Istio's protocol convention (e.g., `tcp` vs `tcp-mysql`).
106
+ - `IST0127` — namespace not labeled for injection.
107
+
108
+ ## Output
109
+
110
+ Return:
111
+
112
+ - **target**: the resource and its scope (mesh-wide, namespace, workload),
113
+ - **evidence level**: `live evidence` / `documentation-based` / `sanitized user evidence` / `inference`,
114
+ - **mesh mode**: sidecar, ambient, or mixed for the affected workloads,
115
+ - **waypoint state**: deployed and bound, missing, or not applicable (sidecar mode),
116
+ - **L7 enforcement assessment**: whether L7 fields will actually run, with explicit "silently ignored" callouts where applicable,
117
+ - **mTLS posture**: `STRICT` / `PERMISSIVE` / `DISABLE` per workload / namespace / mesh,
118
+ - **risk findings** (with severity: high / medium / low),
119
+ - **safest next actions** with sample manifest changes and `istioctl analyze` output,
120
+ - **rollback plan**: how to revert the change without breaking mesh traffic mid-flight,
121
+ - **assumptions and missing facts**.
122
+
123
+ ## Security notes
124
+
125
+ - Never recommend `PeerAuthentication` `mode: PERMISSIVE` or `DISABLE` for production without a documented mTLS migration plan with a date.
126
+ - Never recommend a mesh-wide root-namespace policy change without staged rollout (single namespace first, observe, expand).
127
+ - Never recommend disabling waypoint enforcement for an ambient namespace if any L7 `AuthorizationPolicy` exists for that namespace.
128
+ - Do not print Istio root CA private keys or JWKs private keys.
package/skills/kubernetes/README.md ADDED
@@ -0,0 +1,30 @@
1
+ # ☸️ Kubernetes Skills
2
+
3
+ <p align="center">
4
+ <!-- 🖼️ Add a Kubernetes logo to assets/logos/cloud/kubernetes/ and update this path -->
5
+ <span style="font-size:3.5em">☸️</span>
6
+ </p>
7
+
8
+ This folder contains Kubernetes-focused skills curated for this marketplace.
9
+
10
+ ## Local marketplace portfolio
11
+
12
+ This folder contains **2** local Kubernetes skills:
13
+
14
+ - `kubernetes-rbac-review`
15
+ - `kubernetes-live-rbac-mutation-guard`
16
+
17
+ ## Portfolio posture
18
+
19
+ Kubernetes skills for evidence-backed RBAC review and guarded live cluster mutation.
20
+
21
+ These skills are intentionally conservative:
22
+
23
+ - prefer `kubectl auth can-i` and `kubectl get ... -o yaml` for live state grounding before any review or mutation
24
+ - capture the full current RBAC object state before every write — RBAC is additive with no built-in undo
25
+ - treat `escalate`, `bind`, and `impersonate` verbs as hard stops requiring platform-team sign-off
26
+ - never approve wildcard verb/resource grants (`verbs: ["*"]` or `resources: ["*"]`) without CISO-level justification
27
+ - always assess cluster-scope vs namespace-scope necessity — prefer a Role over a ClusterRole when namespace scope is sufficient
28
+ - use official Kubernetes documentation for RBAC behavior and policy
29
+
30
+ Run `npm run validate` after changing cataloged Kubernetes skills.
package/skills/kubernetes/external-secrets-operator-review/SKILL.md ADDED
@@ -0,0 +1,37 @@
1
+ ---
2
+ name: external-secrets-operator-review
3
+ description: Use this skill when reviewing External Secrets Operator (ESO) configuration, including SecretStore, ClusterSecretStore, ExternalSecret, and PushSecret resources. Trigger when a user provides ESO YAML manifests, asks about secret rotation interval compliance, questions whether ClusterSecretStore scope is too broad, or wants to audit the auth method used to reach an external secret store (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, HashiCorp Vault, 1Password).
4
+ metadata:
5
+ author: "github: Raishin"
6
+ version: "0.1.0"
7
+ ---
8
+
9
+ # External Secrets Operator Review
10
+
11
+ ## Purpose
12
+ This skill reviews External Secrets Operator configuration for access scope creep, authentication anti-patterns, secret refresh interval compliance, dataFrom blast radius, template misconfiguration, and PushSecret privilege escalation. ESO is a trust bridge between your cluster and your external secret store — a misconfigured ClusterSecretStore or a broad `dataFrom.find` regex can expose every credential in your vault to every namespace, silently, with no audit trail.
13
+
14
+ ## Lean operating rules
15
+ - Treat any `ClusterSecretStore` that lacks a `namespaceSelector` or `namespaces` restriction as HIGH — it grants every namespace in the cluster the ability to reference external secrets through that store.
16
+ - Treat `dataFrom.find` with a regex that matches more than a single defined secret path prefix (e.g., `name.regexp: .*` or `path: /`) as HIGH — it pulls all matching secrets from the external store into one K8s Secret, creating an enormous blast radius if the Secret is mounted or leaked.
17
+ - Treat static credentials in `SecretStore.spec.provider.*.auth.secretRef` (a K8s Secret holding external store credentials) as HIGH — this is a credential-to-access-credentials anti-pattern; prefer IRSA, Azure Workload Identity, GCP Workload Identity, or Vault Kubernetes auth.
18
+ - Treat `refreshInterval` greater than 24 hours on any credential that has an external rotation policy shorter than the interval as MEDIUM — the cluster will use a stale, already-rotated secret until the next sync, breaking the workload.
19
+ - Treat `target.creationPolicy: Owner` without a documented backup or recreation procedure as MEDIUM — accidental deletion of the ExternalSecret deletes the managed K8s Secret, crashing workloads that mount it.
20
+ - Treat `PushSecret` resources with auth scoped to write-all on a store path as HIGH — PushSecret's write path requires elevated permissions; verify the auth scope is minimum-necessary.
21
+ - Flag `target.template` misconfigurations that could silently omit required secret keys — a partial K8s Secret causes workload startup failures or silent use of zero-value credentials.
22
+ - Do not recommend disabling `refreshInterval` entirely (`refreshInterval: 0`) — that disables automatic rotation pickup.
23
+
24
+ ## References
25
+ Load these only when needed:
26
+ - [Workflow and output contract](references/workflow-and-output.md) — use when executing the full review or formatting the final answer.
27
+
28
+ ## Response minimum
29
+ Return, at minimum:
30
+ - SecretStore vs ClusterSecretStore scope assessment (namespace selector coverage)
31
+ - Authentication method findings (IRSA/workload-identity vs static credentials)
32
+ - dataFrom scope audit (find regex blast radius, extract path coverage)
33
+ - refreshInterval compliance findings
34
+ - target.creationPolicy and template correctness findings
35
+ - PushSecret privilege assessment (if present)
36
+ - Severity-labelled finding list (critical / high / medium / low)
37
+ - Safe next actions