indrasvat/crd-impact
skills/crd-impact/SKILL.md
Analyze the impact of CRD (Custom Resource Definition) changes — find all controllers, operators, webhooks, RBAC rules, and manifests that reference the CRD and need updates. Use when the user says "CRD impact", "what breaks if I change this CRD", "CRD change analysis", "custom resource impact", "who uses this CRD", "CRD consumers", "operator impact", "CRD dependencies", or when a CRD definition file has been modified.
$ install --global
skillsauthnpx skillsauth add indrasvat/claude-code-skills crd-impactInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 23, 2026, 8:13 AM134.6s1 file scanned
SKILL.md
- name:
- crd-impact
- description:
- >
- allowed-tools:
- Bash, Read, Grep, Glob
- argument-hint:
- <crd-file-or-group/version/kind>
CRD Impact Analysis
Read-only analysis of CRD change blast radius across controllers, webhooks, RBAC, manifests, and clients.
1. Prerequisites
Standard tools (grep, find) always available. Check command -v kubectl and report availability (optional; used only to fetch live CRD schemas).
2. Input
Parse $ARGUMENTS for one of:
- File path -- Read the file, extract
spec.group,spec.versions[].name,spec.names.kind, and field names fromopenAPIV3Schema. - group/version/kind (e.g.
apps.example.com/v1alpha1/MyResource) -- Split on/. Search repo for matching CRD YAML. Derive:GROUP,VERSION,KIND,PLURAL,SHORT_NAMES, and a flat list of spec/status field paths.
3. Baseline
Diff CRD file against git merge-base HEAD main:
git diff $(git merge-base HEAD main) -- <crd-file>
Parse added/removed/changed fields. If no git history or new file, do full impact scan without field-level classification.
4. Analysis
Run five searches in parallel:
Controllers -- Go files importing the API group package, Reconcile functions, SetupWithManager, ctrl.NewControllerManagedBy, For(&<kind>{}).
Webhooks -- //+kubebuilder:webhook markers, ValidatingWebhookConfiguration/MutatingWebhookConfiguration YAML with matching apiGroups/resources, Defaulter/Validator implementations.
RBAC -- //+kubebuilder:rbac with groups=<GROUP>, ClusterRole/Role YAML under config/rbac/ or any YAML with apiGroups containing GROUP and resources containing PLURAL.
Manifests -- Sample CR YAML (kind: <KIND>), test fixtures, Helm templates generating CRs, Kustomize overlays referencing the CRD.
Client usage -- Generated clients/informers/listers, dynamic client calls with the GVR, E2E tests, any .go file accessing CRD struct fields by name.
5. Impact Assessment
For each changed field, classify every referencing file:
| Level | Criteria | |-------|----------| | MUST UPDATE | Code directly reads/writes the changed field (struct access, JSON path, webhook validation) | | SHOULD UPDATE | Code references the parent resource but not the specific field (Reconcile, generic watches) | | INFORMATIONAL | Test fixtures, sample manifests, docs |
If no field-level diff available, classify all as SHOULD UPDATE with a note.
6. Output
Lead with summary: fields added, removed, type-changed. Then impact map grouped by level (MUST UPDATE first):
| File | Type | Impact | Reason |
|------|------|--------|--------|
| internal/controller/foo_controller.go | Controller | MUST UPDATE | reads .spec.removedField |
| config/rbac/role.yaml | RBAC | SHOULD UPDATE | grants access to foos |
| config/samples/foo_v1alpha1.yaml | Sample CR | INFORMATIONAL | contains example CR |
No preamble. Summary first, then table.
7. Idempotency
Read-only. No files created or modified. Safe to re-run.
$ARGUMENTS
Related Skills
indrasvat/triage-pr
development
VerifiedTrustedCommunity
Fetch, categorize, and address PR review comments in priority order. Classifies each comment as BLOCKER, QUESTION, SUGGESTION, or NITPICK and works through blockers first. Use when the user says "address PR comments", "fix review feedback", "respond to PR", "handle review comments", "triage PR", "what does the reviewer want", "address feedback", "PR comments", "review feedback", or needs to work through pull request review comments systematically.
3SKILL.mdUpdated May 23, 2026
indrasvat/ship-pr
testing
VerifiedTrustedCommunity
Create a pull request with a standards compliance review gate. Reviews the diff against CLAUDE.md and repo conventions before creating the PR, stopping on discrepancies. Supports tiered PR templates (small, standard, complex). Use when the user says "create PR", "open PR", "ship it", "ship PR", "make a pull request", "push and PR", "ready for review", "send for review", "create a pull request", or wants to create a GitHub pull request from the current branch.
3SKILL.mdUpdated May 23, 2026
indrasvat/rollout-check
testing
VerifiedTrustedCommunity
Verify Kubernetes deployment health — pod status, rollout progress, events, readiness, HPA state, and recent errors. Use when the user says "check rollout", "is deploy healthy", "rollout status", "deployment health", "pod status", "check pods", "why is deploy failing", "k8s health", "verify deployment", "are pods ready", "check deployment", or wants to verify a Kubernetes deployment is healthy after a rollout.
3SKILL.mdUpdated May 23, 2026
indrasvat/prd-generator
documentation
VerifiedTrustedCommunity
Generate comprehensive Product Requirements Documents with interactive discovery, progress tracking, and True Ralph Loop support for autonomous implementation. Use when user wants to (1) create a PRD for a new project/feature, (2) implement a PRD autonomously with fresh Claude sessions, (3) track implementation progress, (4) recover context after session loss. Creates docs/PRD.md and docs/PROGRESS.md.
3SKILL.mdUpdated May 23, 2026