Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

markus41/helm-deploy

Name: helm-deploy
Author: markus41

.claude/skills/helm-deploy/SKILL.md

npx skillsauth add markus41/claude helm-deploy

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Safe Helm Deploy

Deploy via Helm with image verification: $ARGUMENTS

Pre-Deploy Checklist

Verify the image exists in the registry

# ACR
az acr repository show-tags --name <registry> --repository <image> --orderby time_desc --top 5
# Docker Hub
docker manifest inspect <registry>/<image>:<tag>

Check what's currently running

helm list -n <namespace>
kubectl get pods -n <namespace> -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{range .spec.containers[*]}{.image}{"\n"}{end}{end}'

Diff the changes before applying

helm diff upgrade <release> <chart> -n <namespace> \
  --set image.tag=<new-tag> \
  --set image.pullPolicy=Always \
  -f values.yaml

Deploy Command Template

helm upgrade --install <release> <chart> \
  --namespace <namespace> \
  --set image.repository=<registry>/<image> \
  --set image.tag=<specific-tag> \
  --set image.pullPolicy=Always \
  --atomic \
  --wait \
  --timeout 5m \
  -f values.yaml

Post-Deploy Verification

# Verify new pods are running
kubectl rollout status deployment/<deployment> -n <namespace>

# Verify the correct image is running
kubectl get pods -n <namespace> -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{range .spec.containers[*]}{.image}{"\n"}{end}{end}'

# Check pod logs for startup errors
kubectl logs -l app=<app> -n <namespace> --tail=50

Rollback (if needed)

helm rollback <release> -n <namespace>
# Or to a specific revision:
helm history <release> -n <namespace>
helm rollback <release> <revision> -n <namespace>

Critical Rules

ALWAYS use --set image.tag=<specific> with a unique tag (git SHA, semver)
ALWAYS use --set image.pullPolicy=Always to force fresh pulls
ALWAYS use --atomic for automatic rollback on failure
ALWAYS use --wait to confirm pods are healthy
NEVER deploy with :latest as the only tag
ALWAYS verify the image exists in registry BEFORE deploying

markus41/helm-deploy

.claude/skills/helm-deploy/SKILL.md

Safe Helm deployment with image verification, cache busting, and rollback safety. Prevents deploying stale images.

9 stars

devops

Updated Apr 7, 2026

$ install --global

skillsauth

npx skillsauth add markus41/claude helm-deploy

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 7, 2026, 2:11 AM38.0s1 file scanned

SKILL.md

name:: helm-deploy
description:: Safe Helm deployment with image verification, cache busting, and rollback safety. Prevents deploying stale images.
disable-model-invocation:: true

Safe Helm Deploy

Deploy via Helm with image verification: $ARGUMENTS

Pre-Deploy Checklist

Verify the image exists in the registry

# ACR
az acr repository show-tags --name <registry> --repository <image> --orderby time_desc --top 5
# Docker Hub
docker manifest inspect <registry>/<image>:<tag>

Check what's currently running

helm list -n <namespace>
kubectl get pods -n <namespace> -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{range .spec.containers[*]}{.image}{"\n"}{end}{end}'

Diff the changes before applying

helm diff upgrade <release> <chart> -n <namespace> \
  --set image.tag=<new-tag> \
  --set image.pullPolicy=Always \
  -f values.yaml

Deploy Command Template

helm upgrade --install <release> <chart> \
  --namespace <namespace> \
  --set image.repository=<registry>/<image> \
  --set image.tag=<specific-tag> \
  --set image.pullPolicy=Always \
  --atomic \
  --wait \
  --timeout 5m \
  -f values.yaml

Post-Deploy Verification

# Verify new pods are running
kubectl rollout status deployment/<deployment> -n <namespace>

# Verify the correct image is running
kubectl get pods -n <namespace> -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{range .spec.containers[*]}{.image}{"\n"}{end}{end}'

# Check pod logs for startup errors
kubectl logs -l app=<app> -n <namespace> --tail=50

Rollback (if needed)

helm rollback <release> -n <namespace>
# Or to a specific revision:
helm history <release> -n <namespace>
helm rollback <release> <revision> -n <namespace>

Critical Rules

ALWAYS use --set image.tag=<specific> with a unique tag (git SHA, semver)
ALWAYS use --set image.pullPolicy=Always to force fresh pulls
ALWAYS use --atomic for automatic rollback on failure
ALWAYS use --wait to confirm pods are healthy
NEVER deploy with :latest as the only tag
ALWAYS verify the image exists in registry BEFORE deploying

Related Skills

markus41/writing-plans-enhanced

development

VerifiedTrustedCommunity

Enhanced plan-authoring skill with Pre-Writing context gathering, task metadata, non-TDD templates, Red Flags, telemetry, and an automated plan linter. Use when you have a spec or requirements for a multi-step task, before touching code.

13SKILL.mdUpdated Apr 25, 2026

markus41/writing-plans-enhanced

markus41/plugins/scrapin-aint-easy

tools

VerifiedTrustedCommunity

Documentation intelligence engine with graph-based API docs, algorithm library, and drift detection

13SKILL.mdUpdated Apr 17, 2026

markus41/plugins/scrapin-aint-easy

markus41/ultraplan

tools

VerifiedTrustedCommunity

Ultraplan cloud planning — kick off a plan in the cloud from your terminal, review and revise in the browser, then execute remotely or send back to CLI

13SKILL.mdUpdated Apr 17, 2026

markus41/plugins/claude-code-expert/skills/mcp

tools

VerifiedTrustedCommunity

--- name: mcp description: Configure MCP servers for Claude Code — stdio vs HTTP, authentication, Tools/Resources/Prompts distinction, channels (CI webhook, mobile relay, Discord bridge, fakechat), and cost of always-loaded tools. Use this skill whenever adding an MCP server, debugging connection issues, choosing between MCP Tools vs Prompts vs Resources, installing channel servers, or managing .mcp.json. Triggers on: "MCP server", "mcp config", "add Obsidian MCP", "install context7", "channels"

13SKILL.mdUpdated Apr 17, 2026

markus41/plugins/claude-code-expert/skills/mcp

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/markus41/claude.git

# Copy into Claude Code skills folder (global)
cp -r claude/.claude/skills/helm-deploy ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

markus41/claude

9 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT