Stats
Actions
Tags
From kube-guard
Safe habits when running kubectl/helm in a project guarded by kube-guard. Use whenever operating on a Kubernetes cluster — prefer reads and dry-runs, never run destructive or high-risk commands against protected/production contexts.
How this skill is triggered — by the user, by Claude, or both
Slash command
/kube-guard:k8s-safetyThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
This project is protected by **kube-guard**: a PreToolUse hook classifies every `kubectl`/`helm` command and may `allow`, `ask`, or `deny` it. Work with the guard, not against it.
This project is protected by kube-guard: a PreToolUse hook classifies every kubectl/helm command and may allow, ask, or deny it. Work with the guard, not against it.
kubectl get/describe/logs to understand state first.kubectl apply --dry-run=server -f ... and show the diff (kubectl diff -f ...) before a real apply.--all/-A with mutating verbs.kubectl config current-context before any change; never assume.delete, drain, taint, replace --force, helm uninstall/rollback) against production — kube-guard will deny them.exec, run, cp, port-forward, proxy, kubectl config view) or dump secrets (get secret -o yaml) unless the user explicitly asks and approves.eval, piping into sh, base64, or hiding kubectl inside subshells) — kube-guard fails closed on unverifiable commands.Explain to the user what was blocked and why, and propose a safer alternative (a read, a dry-run, a non-prod context, or a PR-based change). Let the human make the call.
Provides CDSS development patterns for drug interaction checking, dose validation, clinical scoring (NEWS2, qSOFA), and alert classification integrated into EMR workflows.
npx claudepluginhub andresleecom/kube-guard --plugin kube-guard