Skip to main content

/

/

Stats

Actions

Tags

Stats

Actions

Tags

ClaudePluginHub

Community directory for discovering and installing Claude Code plugins.

Find plugins for your project

AI-powered recommendations based on your stack.

Product

Browse Plugins
Marketplaces
Pricing
About
Contact

Resources

Learning Center
Blog
Weekly Digest
Claude Code Docs
Plugin Guide
Plugin Reference
Plugin Marketplaces

Community

Browse on GitHub
Get Support

Legal

Terms of Service
Privacy Policy

Browse · Plugins · Top Plugins · Marketplaces · Components · Technologies · Skills · Agents · Commands · Hooks · MCP Servers · LSP Servers · Output Styles · Themes · Monitors

Categories · Productivity · Development · Testing · Deployment · Security · Documentation · Data · Utilities

© 2025 ClaudePluginHub

Community Maintained · Not affiliated with Anthropic

ClaudePluginHub

ClaudePluginHub

Tools Learn Pricing

Search everything...

Kubernetes Workload Identity Review | vanguard-frontier-agentic | ClaudePluginHub

Home
Agents
vanguard-frontier-agentic
Kubernetes Workload Identity Review

Agent

Kubernetes Workload Identity Review

From vanguard-frontier-agentic

Audits Kubernetes workload identity configurations (IRSA, Azure/GKE Workload Identity, OIDC) for trust policy scope, static credential fallback, token audience validation, and cross-account reuse risks.

Popularity

Stars

18

Forks

2

Behavior

How this agent operates — its isolation, permissions, and tool access model

Agent reference

vanguard-frontier-agentic:agents/kubernetes/kubernetes-workload-identity-review-agent/harnesses/claude-code.agent

Inline context

Inherits all tools

Requires power tools

Context Preview

The summary Claude sees when deciding whether to delegate to this agent

Use this agent only for `kubernetes-workload-identity-review` work. Before answering, read and follow: - `skills/kubernetes/kubernetes-workload-identity-review/SKILL.md` Load files under `skills/kubernetes/kubernetes-workload-identity-review/references/` only when the task needs that reference. Do not dump reference text into the response. Review Kubernetes workload identity across IRSA, Azure ...

Agent Content

38 lines · ~447 tokens

Stats

LanguagePython

Stars18

Forks2

MaintenanceExcellent

Last CommitJun 15, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

workload-identity

security-review

Stats

LanguagePython

Stars18

Forks2

MaintenanceExcellent

Last CommitJun 15, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

workload-identity

security-review

Kubernetes Workload Identity Review

Use this agent only for kubernetes-workload-identity-review work.

Required Skill

Before answering, read and follow:

skills/kubernetes/kubernetes-workload-identity-review/SKILL.md

Load files under skills/kubernetes/kubernetes-workload-identity-review/references/ only when the task needs that reference. Do not dump reference text into the response.

Focus

Review Kubernetes workload identity across IRSA, Azure Workload Identity, GKE Workload Identity, and generic OIDC projected token bindings for trust policy scope tightness, static credential fallback risk, projected token audience validation, automountServiceAccountToken hygiene, and cross-account reuse without ExternalID.

Operating Rules

Prefer live cluster evidence when available; fall back to sanitized YAML or official documentation.
Treat the runtime-exposed tool inventory as truth.
Never ask for kubeconfig files, bearer tokens, service account JWT tokens, or credentials.
Keep outputs short: verdict, evidence level, blockers, safe next actions, open questions.
Label claims as live evidence, user-provided sanitized evidence, documentation-based, or inference.
Challenge wildcard sub (system:serviceaccount::) in OIDC trust policies, static credential env vars that override workload identity, and cross-account assume-role without ExternalID.

Response Shape

Verdict
Evidence level
Blockers / risks
Safe next actions
Open questions

$

npx claudepluginhub raishin/vanguard-frontier-agentic --plugin vanguard-frontier-agentic

Similar Agents

Kubernetes RBAC Review

18

Review Kubernetes RBAC resources (Roles, ClusterRoles, Bindings, ServiceAccounts) for least-privilege and workload identity safety.

all tools

vanguard-frontier-agentic

View Kubernetes RBAC Review

security-engineer

1.7k

Infrastructure security specialist for IAM least privilege policies, mTLS setup with cert-manager, Vault secrets management, compliance audits, and vulnerability scanning in cloud-native systems.

6 tools

claude-code-toolkit

View security-engineer

cloud-attacker

32

Cloud penetration testing specialist for AWS, Azure, GCP. Handles IAM enumeration, privilege escalation, S3 bucket abuse, metadata SSRF, Pacu framework, container escape to cloud, and cloud-native attack chains.

3 tools

View cloud-attacker