kubernetes-security-audit

Official

Secure Kubernetes manifests before deployment.

Authorinfraspecdev
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill finds security misconfigurations in Kubernetes manifests that general-purpose review often misses, helping prevent privilege escalation, data exposure, and unsafe workload settings before deployment.

Core Features & Use Cases

  • RBAC Analysis: Reviews Roles, ClusterRoles, RoleBindings, and ClusterRoleBindings for wildcard permissions, dangerous verbs, and overbroad access.
  • Pod and Workload Security: Checks Deployments, StatefulSets, DaemonSets, Jobs, CronJobs, and Pods for root execution, privilege escalation, host namespace access, and missing hardening settings.
  • Network, Secrets, and Image Review: Validates NetworkPolicies, secret handling, image pinning, service accounts, and Pod Security Standards, with EKS-specific checks when AWS-managed Kubernetes is present.
  • Use Case: A platform engineer can run this Skill against a Helm chart or manifest bundle to catch insecure RBAC, missing network isolation, and weak container security before merge.

Quick Start

Ask the Kubernetes security audit skill to review the attached manifests for RBAC, pod security, network policy, secret handling, and image risks.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: kubernetes-security-audit
Download link: https://github.com/infraspecdev/tesseract/archive/main.zip#kubernetes-security-audit

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.