platform-skills
Hands-on guidance for platform and DevOps engineers working with Kubernetes, Terraform, GitOps, GitHub Actions, AWS, Azure, Linkerd, Linux, networking, compliance, KEDA event-driven autoscaling, and self-improving agent patterns. Use when designing or troubleshooting Kubernetes workloads and RBAC, w
Install
mkdir -p .claude/skills/platform-skills && curl -L -o skill.zip "https://mcp.directory/api/skills/download/9527" && unzip -o skill.zip -d .claude/skills/platform-skills && rm skill.zip
Installs to .claude/skills/platform-skills
About this skill
Platform Skills
Use this skill for hands-on help with Kubernetes, GitOps, cloud infrastructure, CI/CD, secrets management, service mesh, Linux administration, networking, and platform product thinking — whether you are a solo developer or part of a large platform team.
Pick the right tool for the job
| Layer | When to use |
|---|---|
| Terraform | Cloud primitives, cluster bootstrap, IAM, networking, secrets backends |
| Kubernetes | Workload, RBAC, network policy, platform baseline across distributions — /platform-skills:kubernetes |
| OpenShift | Kubernetes patterns adapted to OpenShift SCC, Routes, GitOps, and cluster upgrades — /platform-skills:openshift |
| Flux / Argo CD | In-cluster reconciliation, Helm releases, workload promotion |
| GitHub Actions | Validate, package, gate, and promote — OIDC, SHA pinning, reusable workflows, debug — /platform-skills:github-actions |
| AWS / Azure / GKE | Provider-specific account, identity, and governance patterns — Azure: /platform-skills:azure |
| Linkerd | Automatic mTLS, golden-signal observability, traffic management |
| Linux & Networking | DNS, load balancer routing, VPC/VNet, kernel tuning, connectivity |
| Secrets | ESO, Sealed Secrets, rotation runbooks, Kubernetes-side audit — /platform-skills:secrets |
| Compliance | SOC 2 controls in Terraform — IAM, encryption, audit logging, Checkov |
| Helm (Helmcheck) | Chart scaffolding, lint/validate pipeline, values design, security hardening |
| MCP | Build/debug MCP servers — tools, resources, transports, auth |
| AWS MCP Profiles | Discover/switch AWS profiles across VS Code + Claude Code MCP configs — multi-account, SSO, Granted, credential_process |
| Observability | Prometheus, OpenTelemetry, Grafana, alerting, k6 load tests, capacity |
| Documentation | Docstrings (Google/NumPy/JSDoc), OpenAPI 3.1, MkDocs, guides |
| Datadog | Agent on Kubernetes, APM, monitors, dashboards, SLOs, LLMObs |
| Dynatrace | OneAgent Operator, auto-instrumentation, anomaly detection, SLOs |
| Conventional Commits | Generate WHY-driven commit messages, atomic staging, validate |
| OPA / Conftest | Rego policies, unit tests, fmt/regal/verify pipeline, debug |
| Kyverno | CEL-based ValidatingPolicy, MutatingPolicy, ImageValidatingPolicy |
| PR Review | Cost, drift, ownership, SOC 2, deprecated APIs, rollback feasibility |
| PR Triage | Classify comments ACTIONABLE_FIX/INFORMATIONAL/NOT_APPLICABLE, fix, reply |
| KEDA | ScaledObject/ScaledJob, all scalers, TriggerAuthentication, scale-to-zero |
| Karpenter | NodePool/EC2NodeClass design, Spot diversity, disruption strategy, capacity planning, audit, CA migration, v0→v1 upgrade |
| Agent Self-Improvement | .learnings/ workspace, LRN/ERR lifecycle, WAL, VFM, ADL |
| Supply Chain Security | Cosign signing, Syft SBOM, Trivy/Grype CVE gates, SLSA Level 2 |
| Runtime Security | Falco eBPF, custom rules, Falcosidekick routing, Kyverno enforcement |
| Awesome Docs | Animated SVG Markdown — README, runbook, RFC, architecture, post-mortem |
| Composite Actions | Full action repo scaffold, SHA pinning, secrets-as-inputs, actionlint |
| GitOps debug | 5-workflow structured debug → 5-section report with root cause |
| GitOps audit | 6-phase repo audit → prioritized Critical/Warning/Info report |
| Platform Mindset | DevEx, friction audits, RFC/ADR, incident communication, post-mortems |
| Renovate | Dependency update automation — generate renovate.json from repo scan, emit GHA validation workflow |
| Setup Agents | Scaffold multi-agent AI configs for any repo — interview-driven, specific to this codebase |
If a task spans multiple areas, decide which layer owns the source of truth and keep the other layers consumers of that state.
Apply These Platform Rules
- Separate reusable platform building blocks from live environment configuration.
- Prefer GitOps pull-based reconciliation for cluster state and CI push-based automation for validation and packaging.
- Choose either Flux or Argo CD for a given ownership boundary unless the task is explicitly about migration between them.
- Keep Terraform responsible for bootstrapping clusters, cloud resources, secrets backends, and access primitives. Do not let Flux or Argo CD recreate those foundations unless there is a deliberate controller-based design.
- Use Flux or Argo CD for in-cluster add-ons, workloads, Helm releases, and app-level environment promotion after bootstrap.
- Use GitHub Actions for checks, plans, policy gates, artifact publishing, and promotion orchestration. Do not store long-lived environment truth in workflow YAML.
- Prefer OIDC or workload identity over static cloud credentials.
- Model environments explicitly. Promotion should be visible in Git history and reversible by commit rollback.
- For Linux and networking changes, validate at each layer before escalating: confirm the process is listening (`ss -tulnp`), then L3 reachability (`ping`), L4 connectivity (`nc -zv`), L7 response (`curl -v`), and security group / NACL rules last. Do not skip layers.
- For every Terraform change, enforce in order: `terraform fmt -check -recursive`, `terraform validate`, `conftest test` (OPA/Rego policy gates — runs after validate, before plan as a blocking gate), `tflint --recursive`, security scan (`tfsec` or `checkov`), then `plan`. Do not let format, lint, or policy failures reach the plan step.
- For every Helm chart change, enforce in order: `helm lint --strict`, `helm template --debug`, `kubeconform -strict -summary` on rendered output, `checkov` on rendered manifests, then `helm test` in-cluster. Fail CI on any `helm lint --strict` warning.
- Enforce a tag baseline on all cloud resources. The specific keys are an organizational decision. Use AWS `default_tags` (provider level) or Azure `merge(local.common_tags, {...})` (module local) so the baseline is applied once, not repeated per resource. Back it with AWS Tag Policies or Azure Policy so resources created outside Terraform are also covered.
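The Terraform gate order from the rule above, written as a fail-fast shell function so that a format, lint, policy or scan failure blocks `plan`. This is an added example, not code from the skill: `GATE_EXEC`, `FAILED_GATE`, the `.` scan paths and the `tfplan` file name are assumptions, and checkov is chosen here for the "tfsec or checkov" step.

```shell
#!/bin/sh
# Added example: enforce the Terraform gates in the stated order.

# One gate per line, in the order the rule gives. conftest reads policies from
# ./policy by default; the "." targets and "tfplan" name are assumptions.
terraform_gates() {
  cat <<'EOF'
terraform fmt -check -recursive
terraform validate
conftest test .
tflint --recursive
checkov -d .
terraform plan -input=false -out=tfplan
EOF
}

# run_gates: run each gate in order and stop at the first non-zero exit.
# On failure the failing command is left in FAILED_GATE and 1 is returned,
# so no later gate (and in particular plan) is executed.
# GATE_EXEC is a hypothetical hook: an optional wrapper command placed in
# front of every gate (for example a container runner, or a stub in tests).
run_gates() {
  FAILED_GATE=""
  while IFS= read -r gate; do
    [ -n "$gate" ] || continue
    echo "==> $gate"
    # stdin is redirected so a gate cannot swallow the remaining gate list.
    if ! ${GATE_EXEC:-} $gate </dev/null; then
      FAILED_GATE="$gate"
      echo "BLOCKED at: $gate (later gates not run)" >&2
      return 1
    fi
  done <<EOF
$(terraform_gates)
EOF
  return 0
}

# Run the gates only when asked to, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then
  run_gates
fi
```

In CI, call the script with `--run` from the Terraform root and let its exit status fail the job.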
Structure the Response
For design or implementation work, provide output in this order:
- Target architecture and ownership boundaries
- Repository or directory layout
- Identity, secrets, and promotion model
- Validation and deployment workflow
- Risks, tradeoffs, and migration path
When asked to generate code, start from the thinnest useful slice that proves the pattern and note which layer remains intentionally out of scope.
Pick the Right Reference Files
Load only the files needed for the current request.
| File | Scope |
|---|---|
| references/platform-operating-model.md | Repo topology, ownership boundaries, promotion flow |
| references/terraform.md | Module patterns, environments, state, testing |
| references/checkov.md | Checkov bootstrap, scan modes, provider detection, private module auth, output formats, fix mode, custom checks |
| references/kubernetes.md | Cluster baseline, workload, RBAC, policy |
| references/openshift.md | OpenShift routing, SCC, OLM, tenancy |
| references/fluxcd.md | Bootstrap, reconciliation, FluxInstance, ResourceSet, image automation |
| references/fluxcd-sources.md | GitRepository, OCIRepository, HelmRepository, Bucket, ArtifactGenerator |
| references/fluxcd-resourcesets.md | ResourceSet templating, input strategies, gitless fleet patterns |
| references/fluxcd-notifications.md | Provider, Alert, Receiver, Slack/Datadog/GitHub commit status |
| references/fluxcd-operator.md | FluxInstance sizing, multi-tenancy, kustomize patches, FluxReport |
| references/fluxcd-kustomization.md | CEL readyExpr, postBuild substitution, SOPS, SSA annotations |
| references/fluxcd-helmrelease.md | chartRef vs chart.spec, drift detection, post-renderers, CRD lifecycle |
| references/fluxcd-terraform.md | Flux Operator bootstrap via Terraform |
| references/fluxcd-mcp.md | AI-assisted FluxCD debugging via Flux MCP server |
| references/fluxcd-migration.md | v2.7/v2.8 API removals, CLI and Operator upgrade paths |
| references/fluxcd-security.md | Secrets, source auth, OCI supply chain, RBAC, image automation security |
| references/fluxcd-troubleshooting.md | Incident cheat-sheet — symptom → cause → fix per controller |
| references/argocd.md | App delivery, ApplicationSet, sync policies |
| references/aws.md | Landing zones, IAM, EKS patterns |
| references/aws-mcp-profiles.md | AWS MCP profile management — multi-account SSO, Granted, credential_process, context budget, starter kits |
| references/azure.md | Management groups, identity, AKS patterns |
| references/aws-cloudfront.md | CloudFront distributions, OAC, Lambda@Edge, security headers |
| references/aws-waf.md | Web ACLs, managed rules, rate limiting, Firewall Manager |
| references/github-actions.md | Reusable workflows, OIDC, delivery controls |
| references/composite-actions.md | Composite action scaffold, SHA pinning, secrets-as-inputs, actionlint |
| references/secrets.md | External Secrets Operator, Sealed Secrets, secrets strategy |
| references/linkerd.md | mTLS, observability, traffic management, multi-cluster |
| references/linux-networking.md | DNS, load balancing, VPC/VNet, kernel tuning, connectivity |
| references/platform-mindset.md | DevEx, friction audits, RFC/ADR, incident communication, post-mortems |
| references/compliance.md | SOC 2 controls, IAM, encryption, audit logging, Checkov evidence |
| references/helm.md | Chart scaffolding, lint pipeline, values design, GitOps integration |
| references/mcp.md | MCP protocol, SDKs, transports, schema validation, auth, testing |
| references/observability.md | Prometheus, OpenTelemetry, Grafana, alerting, k6, capacity |
| references/documentation.md | Docstrings, OpenAPI 3.1, MkDocs, developer guides |
| references/datadog.md | Agent, APM, monitors, dashboards, SLOs, LLMObs, FluxCD monitoring |
| references/llm-observability.md | LLMObs instrumentation, eval bootstrap, trace RCA |