sawrus/areas/software/platform/skills/k8s-manifests
areas/software/platform/skills/k8s-manifests/SKILL.md
# Skill: Kubernetes Manifests & Helm ## When to load When writing K8s YAML, designing Helm charts, setting resource limits, configuring probes, or reviewing pod security. ## Production Deployment Template ```yaml spec: replicas: {{ .Values.replicaCount }} # Min 2 for Tier 1 template: spec: securityContext: runAsNonRoot: true runAsUser: 1000 terminationGracePeriodSeconds: 60 containers: - name: api image: "{{ .Values.image.repositor
$ install --global
skillsauthnpx skillsauth add sawrus/agent-guides areas/software/platform/skills/k8s-manifestsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 18, 2026, 4:32 AM44.7s1 file scanned
SKILL.md
Skill: Kubernetes Manifests & Helm
When to load
When writing K8s YAML, designing Helm charts, setting resource limits, configuring probes, or reviewing pod security.
Production Deployment Template
spec:
replicas: {{ .Values.replicaCount }} # Min 2 for Tier 1
template:
spec:
securityContext:
runAsNonRoot: true
runAsUser: 1000
terminationGracePeriodSeconds: 60
containers:
- name: api
image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}"
resources:
requests: { cpu: 100m, memory: 128Mi }
limits: { cpu: 500m, memory: 512Mi }
readinessProbe:
httpGet: { path: /health/ready, port: http }
initialDelaySeconds: 10
periodSeconds: 5
livenessProbe:
httpGet: { path: /health/live, port: http }
initialDelaySeconds: 30
periodSeconds: 15
topologySpreadConstraints:
- maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: DoNotSchedule
HPA
spec:
minReplicas: 2
maxReplicas: 20
metrics:
- type: Resource
resource: { name: cpu, target: { type: Utilization, averageUtilization: 70 } }
PodDisruptionBudget (Required for Tier 1)
spec:
minAvailable: 1
selector:
matchLabels: {{ include "app.selectorLabels" . | nindent 6 }}
Related Skills
sawrus/qa_expert
testing
VerifiedTrustedCommunity
QA Expert for writing E2E tests, test scenarios, test plans, and ensuring test coverage quality.
12SKILL.mdUpdated Apr 18, 2026
sawrus/design_expert
development
VerifiedTrustedCommunity
Expert UI/UX design intelligence for creating distinctive, high-craft, and mobile-first interfaces. Focuses on premium aesthetics, touch-first ergonomics, and Flutter performance.
12SKILL.mdUpdated Apr 18, 2026
sawrus/code_review_expert
development
VerifiedTrustedCommunity
Code Review Expert for static analysis, security auditing, architecture review, and ensuring code quality standards.
12SKILL.mdUpdated Apr 18, 2026
sawrus/babysit-pr
development
VerifiedTrustedCommunity
Babysit a GitHub pull request after creation by continuously polling review comments, CI checks/workflow runs, and mergeability state until the PR is merged/closed or user help is required. Diagnose failures, retry likely flaky failures up to 3 times, auto-fix/push branch-related issues when appropriate, and keep watching open PRs so fresh review feedback is surfaced promptly. Use when the user asks Codex to monitor a PR, watch CI, handle review comments, or keep an eye on failures and feedback on an open PR.
12SKILL.mdUpdated Apr 18, 2026