platform-skills


Hands-on guidance for platform and DevOps engineers working with Kubernetes, Terraform, GitOps, GitHub Actions, AWS, Azure, Linkerd, Linux, networking, compliance, KEDA event-driven autoscaling, and self-improving agent patterns. Use when designing or troubleshooting Kubernetes workloads and RBAC, w

Install

mkdir -p .claude/skills/platform-skills && curl -L -o skill.zip "https://mcp.directory/api/skills/download/9527" && unzip -o skill.zip -d .claude/skills/platform-skills && rm skill.zip

Installs to .claude/skills/platform-skills

About this skill

Platform Skills

Use this skill for hands-on help with Kubernetes, GitOps, cloud infrastructure, CI/CD, secrets management, service mesh, Linux administration, networking, and platform product thinking — whether you are a solo developer or part of a large platform team.

Pick the right tool for the job

| Layer | When to use |
|---|---|
| Terraform | Cloud primitives, cluster bootstrap, IAM, networking, secrets backends |
| Kubernetes | Workload, RBAC, network policy, platform baseline across distributions — /platform-skills:kubernetes |
| OpenShift | Kubernetes patterns adapted to OpenShift SCC, Routes, GitOps, and cluster upgrades — /platform-skills:openshift |
| Flux / Argo CD | In-cluster reconciliation, Helm releases, workload promotion |
| GitHub Actions | Validate, package, gate, and promote — OIDC, SHA pinning, reusable workflows, debug — /platform-skills:github-actions |
| AWS / Azure / GKE | Provider-specific account, identity, and governance patterns — Azure: /platform-skills:azure |
| Linkerd | Automatic mTLS, golden-signal observability, traffic management |
| Linux & Networking | DNS, load balancer routing, VPC/VNet, kernel tuning, connectivity |
| Secrets | ESO, Sealed Secrets, rotation runbooks, Kubernetes-side audit — /platform-skills:secrets |
| Compliance | SOC 2 controls in Terraform — IAM, encryption, audit logging, Checkov |
| Helm (Helmcheck) | Chart scaffolding, lint/validate pipeline, values design, security hardening |
| MCP | Build/debug MCP servers — tools, resources, transports, auth |
| AWS MCP Profiles | Discover/switch AWS profiles across VS Code + Claude Code MCP configs — multi-account, SSO, Granted, credential_process |
| Observability | Prometheus, OpenTelemetry, Grafana, alerting, k6 load tests, capacity |
| Documentation | Docstrings (Google/NumPy/JSDoc), OpenAPI 3.1, MkDocs, guides |
| Datadog | Agent on Kubernetes, APM, monitors, dashboards, SLOs, LLMObs |
| Dynatrace | OneAgent Operator, auto-instrumentation, anomaly detection, SLOs |
| Conventional Commits | Generate WHY-driven commit messages, atomic staging, validate |
| OPA / Conftest | Rego policies, unit tests, fmt/regal/verify pipeline, debug |
| Kyverno | CEL-based ValidatingPolicy, MutatingPolicy, ImageValidatingPolicy |
| PR Review | Cost, drift, ownership, SOC 2, deprecated APIs, rollback feasibility |
| PR Triage | Classify comments ACTIONABLE_FIX/INFORMATIONAL/NOT_APPLICABLE, fix, reply |
| KEDA | ScaledObject/ScaledJob, all scalers, TriggerAuthentication, scale-to-zero |
| Karpenter | NodePool/EC2NodeClass design, Spot diversity, disruption strategy, capacity planning, audit, CA migration, v0→v1 upgrade |
| Agent Self-Improvement | .learnings/ workspace, LRN/ERR lifecycle, WAL, VFM, ADL |
| Supply Chain Security | Cosign signing, Syft SBOM, Trivy/Grype CVE gates, SLSA Level 2 |
| Runtime Security | Falco eBPF, custom rules, Falcosidekick routing, Kyverno enforcement |
| Awesome Docs | Animated SVG Markdown — README, runbook, RFC, architecture, post-mortem |
| Composite Actions | Full action repo scaffold, SHA pinning, secrets-as-inputs, actionlint |
| GitOps debug | 5-workflow structured debug → 5-section report with root cause |
| GitOps audit | 6-phase repo audit → prioritized Critical/Warning/Info report |
| Platform Mindset | DevEx, friction audits, RFC/ADR, incident communication, post-mortems |
| Renovate | Dependency update automation — generate renovate.json from repo scan, emit GHA validation workflow |
| Setup Agents | Scaffold multi-agent AI configs for any repo — interview-driven, specific to this codebase |

If a task spans multiple areas, decide which layer owns the source of truth and keep the other layers consumers of that state.

Apply These Platform Rules

  • Separate reusable platform building blocks from live environment configuration.
  • Prefer GitOps pull-based reconciliation for cluster state and CI push-based automation for validation and packaging.
  • Choose either Flux or Argo CD for a given ownership boundary unless the task is explicitly about migration between them.
  • Keep Terraform responsible for bootstrapping clusters, cloud resources, secrets backends, and access primitives. Do not let Flux or Argo CD recreate those foundations unless there is a deliberate controller-based design.
  • Use Flux or Argo CD for in-cluster add-ons, workloads, Helm releases, and app-level environment promotion after bootstrap.
  • Use GitHub Actions for checks, plans, policy gates, artifact publishing, and promotion orchestration. Do not store long-lived environment truth in workflow YAML.
  • Prefer OIDC or workload identity over static cloud credentials.
  • Model environments explicitly. Promotion should be visible in Git history and reversible by commit rollback.
  • For Linux and networking changes, validate at each layer before escalating: confirm the process is listening (ss -tulnp), then L3 reachability (ping), L4 connectivity (nc -zv), L7 response (curl -v), and security group / NACL rules last. Do not skip layers.
  • For every Terraform change, enforce in order: terraform fmt -check -recursive, terraform validate, conftest test (OPA/Rego policy gates — runs after validate, before plan as a blocking gate), tflint --recursive, security scan (tfsec or checkov), then plan. Do not let format, lint, or policy failures reach the plan step.
  • For every Helm chart change, enforce in order: helm lint --strict, helm template --debug, kubeconform -strict -summary on rendered output, checkov on rendered manifests, then helm test in-cluster. Fail CI on any helm lint --strict warning.
  • Enforce a tag baseline on all cloud resources. The specific keys are an organizational decision. Use AWS default_tags (provider level) or Azure merge(local.common_tags, {...}) (module local) so the baseline is applied once, not repeated per resource. Back it with AWS Tag Policies or Azure Policy so resources created outside Terraform are also covered.
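The Terraform gate order from the rule above, written as a fail-fast runner. This is an added example, not code from the skill itself; the gate order comes from the list, while `main.tf` as the conftest input, checkov as the chosen scanner, the `tfplan` file name, and the `RUN_GATES` switch are assumptions.

```shell
#!/bin/sh
# Added example, not part of the skill: fail-fast runner for the Terraform
# gate order listed above. Assumptions: main.tf as the conftest input, checkov
# as the scanner, tfplan as the plan file, RUN_GATES=1 as the on switch.

# One gate per line as "<name>|<command>"; the order is the rule's order.
terraform_gates() {
    cat <<'EOF'
fmt|terraform fmt -check -recursive
validate|terraform validate
policy|conftest test --parser hcl2 main.tf
tflint|tflint --recursive
security|checkov -d .
plan|terraform plan -input=false -out=tfplan
EOF
}

# Default runner: announce the gate on stderr, then execute its command.
exec_gate() {
    printf '==> %s: %s\n' "$1" "$2" >&2
    sh -c "$2"
}

# run_gates [runner]: hand each gate to the runner in order and stop at the
# first failure, so a format, lint or policy failure never reaches plan.
# Leaves GATES_RUN (gates attempted) and FAILED_GATE set for the caller.
run_gates() {
    runner=${1:-exec_gate}
    GATES_RUN=""
    FAILED_GATE=""
    while IFS='|' read -r name cmd; do
        GATES_RUN="${GATES_RUN:+$GATES_RUN }$name"
        # stdin from /dev/null so a gate cannot swallow the remaining list
        "$runner" "$name" "$cmd" </dev/null || { FAILED_GATE=$name; return 1; }
    done <<EOF
$(terraform_gates)
EOF
    return 0
}

# Only touch real tools when asked to, e.g. RUN_GATES=1 sh gates.sh
if [ "${RUN_GATES:-0}" = 1 ]; then
    run_gates exec_gate || { echo "blocked at gate: $FAILED_GATE" >&2; exit 1; }
fi
```

Passing a different runner function to `run_gates` lets CI dry-run the ordering without the tools installed.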

Structure the Response

For design or implementation work, provide output in this order:

  1. Target architecture and ownership boundaries
  2. Repository or directory layout
  3. Identity, secrets, and promotion model
  4. Validation and deployment workflow
  5. Risks, tradeoffs, and migration path

When asked to generate code, start from the thinnest useful slice that proves the pattern and note which layer remains intentionally out of scope.

Pick the Right Reference Files

Load only the files needed for the current request.

| File | Scope |
|---|---|
| references/platform-operating-model.md | Repo topology, ownership boundaries, promotion flow |
| references/terraform.md | Module patterns, environments, state, testing |
| references/checkov.md | Checkov bootstrap, scan modes, provider detection, private module auth, output formats, fix mode, custom checks |
| references/kubernetes.md | Cluster baseline, workload, RBAC, policy |
| references/openshift.md | OpenShift routing, SCC, OLM, tenancy |
| references/fluxcd.md | Bootstrap, reconciliation, FluxInstance, ResourceSet, image automation |
| references/fluxcd-sources.md | GitRepository, OCIRepository, HelmRepository, Bucket, ArtifactGenerator |
| references/fluxcd-resourcesets.md | ResourceSet templating, input strategies, gitless fleet patterns |
| references/fluxcd-notifications.md | Provider, Alert, Receiver, Slack/Datadog/GitHub commit status |
| references/fluxcd-operator.md | FluxInstance sizing, multi-tenancy, kustomize patches, FluxReport |
| references/fluxcd-kustomization.md | CEL readyExpr, postBuild substitution, SOPS, SSA annotations |
| references/fluxcd-helmrelease.md | chartRef vs chart.spec, drift detection, post-renderers, CRD lifecycle |
| references/fluxcd-terraform.md | Flux Operator bootstrap via Terraform |
| references/fluxcd-mcp.md | AI-assisted FluxCD debugging via Flux MCP server |
| references/fluxcd-migration.md | v2.7/v2.8 API removals, CLI and Operator upgrade paths |
| references/fluxcd-security.md | Secrets, source auth, OCI supply chain, RBAC, image automation security |
| references/fluxcd-troubleshooting.md | Incident cheat-sheet — symptom → cause → fix per controller |
| references/argocd.md | App delivery, ApplicationSet, sync policies |
| references/aws.md | Landing zones, IAM, EKS patterns |
| references/aws-mcp-profiles.md | AWS MCP profile management — multi-account SSO, Granted, credential_process, context budget, starter kits |
| references/azure.md | Management groups, identity, AKS patterns |
| references/aws-cloudfront.md | CloudFront distributions, OAC, Lambda@Edge, security headers |
| references/aws-waf.md | Web ACLs, managed rules, rate limiting, Firewall Manager |
| references/github-actions.md | Reusable workflows, OIDC, delivery controls |
| references/composite-actions.md | Composite action scaffold, SHA pinning, secrets-as-inputs, actionlint |
| references/secrets.md | External Secrets Operator, Sealed Secrets, secrets strategy |
| references/linkerd.md | mTLS, observability, traffic management, multi-cluster |
| references/linux-networking.md | DNS, load balancing, VPC/VNet, kernel tuning, connectivity |
| references/platform-mindset.md | DevEx, friction audits, RFC/ADR, incident communication, post-mortems |
| references/compliance.md | SOC 2 controls, IAM, encryption, audit logging, Checkov evidence |
| references/helm.md | Chart scaffolding, lint pipeline, values design, GitOps integration |
| references/mcp.md | MCP protocol, SDKs, transports, schema validation, auth, testing |
| references/observability.md | Prometheus, OpenTelemetry, Grafana, alerting, k6, capacity |
| references/documentation.md | Docstrings, OpenAPI 3.1, MkDocs, developer guides |
| references/datadog.md | Agent, APM, monitors, dashboards, SLOs, LLMObs, FluxCD monitoring |
| references/llm-observability.md | LLMObs instrumentation, eval bootstrap, trace RCA |
refer

Content truncated.
