Can I use this for existing Kubernetes clusters?

Yes, the skill includes a security audit checklist designed to verify and harden existing deployments against modern threat models.

What layers of security does this skill cover?

It covers the application layer, the network layer via policies, and the admission control layer to prevent insecure configurations from being deployed.

How does this skill help with Kubernetes security?

It provides Claude with specific templates and logic for zero-trust mTLS, pod hardening, and least-privilege RBAC, ensuring your infrastructure follows industry best practices.

What is a secure-by-design pattern?

A secure-by-design pattern is an architectural approach where security is integrated into the system from the ground up rather than added as an external layer after development.

Kubernetes Secure-by-Design Patterns

Name: Kubernetes Secure-by-Design Patterns
Author: adaptive-enforcement-lab

byadaptive-enforcement-lab

0•

Security & Testing

Implements secure-by-design architecture patterns for Kubernetes environments using zero-trust and defense-in-depth principles.

This skill provides a comprehensive library of secure-by-design architecture patterns specifically for Kubernetes environments, enabling developers to build security into their infrastructure from the ground up. It offers standardized patterns for zero-trust mTLS communication, pod hardening, and least-privilege RBAC to ensure security properties are enforced at the application, network, and admission control layers. By providing both implementation examples and threat models, it helps teams create resilient systems where security violations are visible and costly to exploit.

Key Features

01Defense-in-depth pod security context hardening

02Fail-secure admission control and webhook configurations

03Least-privilege RBAC configuration and templates

04Default-deny network policy enforcement rules

05Zero-trust mTLS communication pattern implementation

060 GitHub stars

Use Cases

01Architecting production-ready Kubernetes clusters with built-in security defaults

02Conducting security audits of existing deployments using a standardized checklist

03Automating the generation of secure-by-default manifests for CI/CD pipelines

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptive-enforcement-lab/claude-skills secure-by-design-pattern-library

For use in Claude.ai and ChatGPT

Download Skill

Key Features

01Defense-in-depth pod security context hardening

02Fail-secure admission control and webhook configurations

03Least-privilege RBAC configuration and templates

04Default-deny network policy enforcement rules

05Zero-trust mTLS communication pattern implementation

060 GitHub stars

Use Cases

01Architecting production-ready Kubernetes clusters with built-in security defaults

02Conducting security audits of existing deployments using a standardized checklist

03Automating the generation of secure-by-default manifests for CI/CD pipelines

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptive-enforcement-lab/claude-skills secure-by-design-pattern-library

For use in Claude.ai and ChatGPT

Download Skill