gitops-repo-audit
Audit and validate Flux CD GitOps repositories by scanning local repo files (not live clusters) — runs Kubernetes schema validation, detects deprecated Flux APIs, reviews RBAC/multi-tenancy/secrets management, and produces a prioritized GitOps report. Use when users ask to audit, analyze, validate, review, or security-check a GitOps repo.
94
92%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that clearly defines its scope (Flux CD GitOps repos, local files only), lists specific concrete capabilities, and provides explicit trigger guidance with multiple natural user phrasings. The scoping clarification ('not live clusters') further reduces ambiguity and potential conflicts with cluster-monitoring skills.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: Kubernetes schema validation, detecting deprecated Flux APIs, reviewing RBAC/multi-tenancy/secrets management, and producing a prioritized GitOps report. Also clarifies scope (local repo files, not live clusters). | 3 / 3 |
Completeness | Clearly answers both 'what' (scan local repo files for schema validation, deprecated APIs, RBAC/multi-tenancy/secrets issues, produce prioritized report) and 'when' (explicit 'Use when users ask to audit, analyze, validate, review, or security-check a GitOps repo'). | 3 / 3 |
Trigger Term Quality | Includes strong natural trigger terms users would say: 'audit', 'validate', 'analyze', 'review', 'security-check', 'GitOps repo', 'Flux CD'. Covers multiple variations of how a user might phrase their request. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive — targets a very specific niche (Flux CD GitOps repositories, local repo scanning). The combination of Flux CD, GitOps, and the specific audit actions makes it unlikely to conflict with general Kubernetes or code review skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured, highly actionable skill that provides a clear multi-phase audit workflow with concrete commands, validation checkpoints, and excellent progressive disclosure to reference materials. The CRD reference table and edge cases section add useful specificity but contribute to overall length. The skill demonstrates strong domain expertise and gives Claude precise, executable guidance for each audit phase.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is mostly efficient and avoids explaining basic concepts, but the CRD reference table is quite long and could be in a separate reference file. The edge cases section, while useful, adds significant length. Some instructions like 'Read [best-practices.md] in full, do not summarize' are appropriately terse. | 2 / 3 |
Actionability | Provides concrete, executable bash commands for each phase (discover.sh, validate.sh, check-deprecated.sh), specific file paths to check, exact field names to look for (e.g., 'reconcile.fluxcd.io/watch: "Enabled"'), and clear schema naming conventions. The guidance is specific and directly usable. | 3 / 3 |
Workflow Clarity | The 6-phase workflow is clearly sequenced with logical progression from discovery through validation, compliance, best practices, security, and reporting. Phase 3 includes a validation checkpoint (exit code 1 triggers migration steps). The skill explicitly states to adapt depth based on user request, and includes feedback loops like 'verify against OpenAPI schema before recommending changes.' | 3 / 3 |
Progressive Disclosure | Excellent progressive disclosure with a clear overview workflow in the main file and well-signaled one-level-deep references to 6 separate reference files (repo-patterns.md, best-practices.md, security-audit.md, api-migration.md, flux-api-summary.md, flux-operator-api-summary.md). The 'Loading References' section explicitly describes when to load each file. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- fluxcd/agent-skills
- Commit
5563322
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.