Enforce Policy As Code

Skill Verified Active
Part of: Agent Almanac

Implement policy-as-code enforcement using OPA Gatekeeper or Kyverno to validate and mutate Kubernetes resources according to organizational policies. Covers constraint templates, admission control, audit mode, reporting violations, and integrating with CI/CD pipelines for shift-left policy validation. Use when enforcing resource configuration standards, preventing security misconfigurations such as privileged containers, ensuring compliance before deployment, standardizing naming conventions, or auditing existing cluster resources against policies.

Purpose

To enable organizations to enforce Kubernetes resource standards, prevent security misconfigurations, and ensure compliance through automated policy validation and mutation.

Features

  • Policy enforcement with OPA Gatekeeper or Kyverno
  • Kubernetes resource validation and mutation
  • Audit mode for existing resources
  • CI/CD pipeline integration for shift-left validation
  • Detailed installation and configuration examples

Use cases

  • Enforcing resource configuration standards
  • Preventing security misconfigurations (e.g., privileged containers)
  • Ensuring compliance before deployment
  • Standardizing naming conventions and metadata
  • Auditing existing cluster resources against policies

Non-goals

  • Providing a managed Kubernetes cluster
  • Replacing security scanning tools
  • Enforcing policies outside of Kubernetes resource admission

Documentation

  • info: Configuration & parameter reference. While the SKILL.md provides detailed steps and examples, explicit documentation of all parameters for the underlying tools (Helm, kubectl, Gatekeeper/Kyverno CLIs) and their defaults is not provided within the skill's documentation itself.

Code Execution

  • info: Validation. The skill uses standard CLI tools like `kubectl` and `helm`, which have their own validation, but explicit schema validation for inputs within the skill's scripts is not apparent.

Installation

/plugin install agent-almanac@pjt222-agent-almanac

Quality score

Verified
98/100
Analyzed about 21 hours ago

Trust signals

Last commit: 1 day ago
Stars: 14
License: MIT
Status

Similar extensions

K8s Manifest Generator

100

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

Skill
wshobson

Setup Container Registry

99

Configure container image registries including GitHub Container Registry (ghcr.io), Docker Hub, and Harbor with automated image scanning, tagging strategies, retention policies, and CI/CD integration for secure image distribution. Use when setting up a private container registry, migrating from Docker Hub to self-hosted registries, implementing vulnerability scanning in CI/CD pipelines, managing multi-architecture images, enforcing image signing, or configuring automatic cleanup and retention policies.

Skill
pjt222

Prepare Inspection Readiness

100

Prepare an organisation for regulatory inspection by assessing readiness against agency-specific focus areas (FDA, EMA, MHRA). Covers warning letter and 483 theme analysis, mock inspection protocols, document bundle preparation, inspection logistics, and response template creation. Use when a regulatory inspection has been announced or is anticipated, when a periodic self-assessment is due, when new systems have been implemented since the last inspection, or after a significant audit finding that may attract regulatory attention.

Skill
pjt222

Monitor Data Integrity

100

Design and operate a data integrity monitoring programme based on ALCOA+ principles. Covers detective controls, audit trail review schedules, anomaly detection patterns (off-hours activity, sequential modifications, bulk changes), metrics dashboards, investigation triggers, and escalation matrix definition. Use when establishing a data integrity monitoring programme for GxP systems, preparing for inspections where data integrity is a focus area, after a data integrity incident requiring enhanced monitoring, or when implementing MHRA, WHO, or PIC/S guidance.

Skill
pjt222

Investigate Capa Root Cause

100

Investigate root causes and manage CAPAs (Corrective and Preventive Actions) for compliance deviations. Covers investigation method selection (5-Why, fishbone, fault tree), structured root cause analysis, corrective vs preventive action design, effectiveness verification, and trend analysis. Use when an audit finding requires a CAPA, when a deviation or incident occurs in a validated system, when a regulatory observation needs a formal response, when a data integrity anomaly requires investigation, or when recurring issues suggest a systemic root cause.

Skill
pjt222

Master Claude for Legal

100

Master skill for legal teams using Claude. Loads the right reference for the user's question (privilege configuration, MCP hardening, verification, long documents, practice-area patterns, skill authoring) and routes to specialized starter skills (NDA triage, version comparison, meeting summary, citation verification, status synthesis). Invoked automatically when the user mentions legal work, contracts, redlines, NDAs, privilege, attorney-client privilege, court filings, depositions, or regulatory compliance, or asks how to set up Claude for a law firm or an in-house legal team.

Skill
sboghossian