k8s-agent-skills

Agent skills for Kubernetes cluster operations tooling. Each skill is a self-contained SKILL.md designed for agentic AI tools (Claude Code, OpenCode, Codex) that load skills for task-specific expertise.

npm: k8s-agent-skills GitHub: Aidas-dev/k8s-agent-skills

Skills

| Skill | What it covers | CRDs | |-------|---------------|------| | atlas | Atlas Operator — DB schema migrations, lint, policies | AtlasSchema, AtlasMigration | | cert-manager | TLS cert provisioning, ACME, Issuers, Gateway integration | Certificate, Issuer, ClusterIssuer | | cilium-gateway | Gateway API, TLS, traffic splitting, oauth2-proxy, hostNetwork | GatewayClass, Gateway, HTTPRoute, etc. | | cilium-network | Cilium CNI, network policies, LB IPAM, encryption, Hubble | CiliumNetworkPolicy, CiliumCIDRGroup, etc. | | cnpg | CloudNativePG — PostgreSQL clusters, backups, poolers | Cluster, Backup, ScheduledBackup, Pooler | | dragonfly | DragonflyDB — Redis-compatible operator, replication, TLS | Dragonfly | | external-dns | DNS sync — Cloudflare, Route53, Gateway API, sources, registry | None | | external-secrets | External Secrets Operator — sync K8s Secrets from Vault, AWS, GCP, Azure | SecretStore, ClusterSecretStore, ExternalSecret, PushSecret | | flagger | Progressive delivery, canary, A/B, blue/green | Canary, MetricTemplate, AlertProvider | | flux | Flux CD router — debugging, CRDs, repo audit | Router → sub-skills | | gitea | Gitea router — API, runner, registry, webhooks, tea CLI | Router → sub-skills | | gitea-api | Gitea REST API — auth, repos, issues, PRs, packages | None | | gitea-registry | Gitea container registry — OCI, multi-arch, push/pull | None | | gitea-runner | Gitea Actions runners — registration, host-mode, ephemeral | None | | gitea-tea | tea CLI — commands, auth, actions, webhooks, admin | None | | gitea-webhooks | Gitea webhooks — events, HMAC, org vs repo hooks | None | | harbor | Harbor router — API, Helm, Terraform | Router → sub-skills | | harbor-api | Harbor REST API v2 — projects, artifacts, robots, replication, GC, OIDC | None | | harbor-helm | Harbor Helm chart — production deploy, external DB/Redis/S3, Trivy | None | | harbor-terraform | Harbor Terraform provider — 20 resources, 8 data sources | None | | higress | Higress router — CRDs, Wasm plugins, AI Gateway, Helm | Router → sub-skills | | higress-helm | Higress Helm chart — core/console/redis/plugin-server/o11y | None | | higress-operator | Higress CRDs — WasmPlugin, Http2Rpc, McpBridge, 41 Wasm plugins, 16 AI providers | WasmPlugin, Http2Rpc, McpBridge | | kserve | KServe router — CRDs, Helm, deployment modes | Router → sub-skills | | kserve-helm | KServe Helm — 10 charts, Serverless/Raw/ModelMesh modes | None | | kserve-operator | KServe CRDs — InferenceService, ServingRuntime, InferenceGraph, LLMInferenceService, LocalModel | 22 CRDs under serving.kserve.io | | kubeflow | Kubeflow router — Trainer v2, Pipelines v2, Training Operator v1 | Router → sub-skills | | kubeflow-pipelines | KFP v2 SDK — DSL, IR YAML, control flow, Kubernetes Native API | PipelineRun (v2beta1) | | kubeflow-trainer | Kubeflow Trainer v2.2 — TrainJob, TrainingRuntime, 5 ML policies | TrainJob, TrainingRuntime, ClusterTrainingRuntime | | kubeflow-training-operator | Legacy v1 — PyTorchJob, TFJob, MPIJob, XGBoostJob | PyTorchJob, TFJob, MPIJob, XGBoostJob | | mariadb | MariaDB router — operator CRDs, Helm | Router → sub-skills | | mariadb-helm | MariaDB operator Helm — 3 charts, production HA values | None | | mariadb-operator | MariaDB operator — 12 CRDs, Galera HA, MaxScale, backups, PITR | 12 CRDs under k8s.mariadb.com | | nvidia-device-plugin | GPU discovery, GFD, NFD, CDI, MIG, time-slicing | None (ConfigMap) | | rook-ceph-operator | Ceph cluster, block pools, object store, NFS, CSI | CephCluster, CephBlockPool, CephObjectStore, etc. | | rook-ceph-toolbox | Ceph CLI — health, OSD mgmt, RBD, RGW, CRUSH | None (toolbox ops) | | sealed-secrets | Encrypted Secrets for GitOps, kubeseal, key rotation | SealedSecret | | stakater-reloader | ConfigMap/Secret reload, annotations, Helm values | None (annotation-based) | | talos | Talos Linux — cluster deploy, machine config, upgrades, talosctl | None | | tekton | Tekton pipelines — resolver refs, matrix, CEL, TTL | Task, Pipeline, etc. | | vault | Vault router — Helm, API, Terraform | Router → sub-skills | | vault-api | Vault REST API — health, init, unseal, auth, KV, policies | None | | vault-helm | Vault Helm chart — HA+Raft, injector, storage, TLS, telemetry | None | | vault-terraform | Vault Terraform provider — 188+ resources, auth backends, KV, policies, identity | None | | vector | Vector router — Helm, operator CRDs | Router → sub-skills | | vector-helm | Vector Helm chart — 3 roles (Agent/Aggregator/Stateless), customConfig | None | | vector-operator | Vector operator — 5 CRDs, auto-routing by source type | Vector, VectorPipeline, ClusterVectorPipeline, VectorAggregator, ClusterVectorAggregator | | victoria-metrics | VM skill router — operator, queries, cardinality, logs, traces | Router | | victoriametrics-operator | VM Operator CRDs — VMAgent, VMAlert, VMServiceScrape, VLogs | 19 CRDs | | zitadel | ZITADEL router — API, Helm, Terraform | Router → sub-skills | | zitadel-api | ZITADEL API — OIDC/SAML/API apps, users, orgs, roles | None | | zitadel-helm | ZITADEL Helm — CNPG, Gateway API, caches, masterkey | None | | zitadel-terraform | ZITADEL Terraform provider — 80+ resources, 40+ data sources | None |

Usage

Via npm (recommended)

npm install --save-dev k8s-agent-skills
# or
bun add -d k8s-agent-skills

# Symlink all skills to ~/.agents/skills/ (OpenCode)
npx skills-link

# Or to other agent directories:
npx skills-link --claude     # Claude Code  (~/.claude/skills/)
npx skills-link --codex      # Codex CLI    (~/.codex/skills/)
npx skills-link --cursor     # Cursor       (~/.cursor/skills/)
npx skills-link --all        # all known agent dirs

Via git clone

git clone https://github.com/Aidas-dev/k8s-agent-skills.git
ln -sf $(pwd)/k8s-agent-skills/skills/* ~/.agents/skills/

Manual copy

# OpenCode / Codex
cp -r skills/vector ~/.agents/skills/

# Claude Code Desktop
cp -r skills/external-dns ~/.claude/skills/

npm Publishing

Auto-publishes on v* tag push via GitHub Actions with OIDC Trusted Publisher — no tokens needed.

# Bump version
npm version patch  # or minor / major

# Tag and push
git push origin main --tags
git push github main --tags

Or manually: git tag vX.Y.Z && git push origin main --tags && git push github main --tags.

License

MIT — free to use, modify, and distribute.