CtrlK
BlogDocsLog inGet started
Tessl Logo

managing-network-policies

Execute use when managing Kubernetes network policies and firewall rules. Trigger with phrases like "create network policy", "configure firewall rules", "restrict pod communication", or "setup ingress/egress rules". Generates Kubernetes NetworkPolicy manifests following least privilege and zero-trust principles.

68

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is concise and well-sequenced with a strong validation/iterate feedback loop, but it underperforms on actionability and progressive disclosure because the bundled manifest template and generator script are present yet never referenced from the SKILL.md body.

Suggestions

Reference the bundled template inline, e.g. 'Use assets/network_policy_template.yaml as a starting point for manifests', and link to scripts/generate_network_policy.py where appropriate, so progressive disclosure is well-signaled.

Include at least one complete, copy-paste-ready NetworkPolicy YAML example (e.g. a default-deny plus a DNS egress policy) in the body to raise actionability.

In the Instructions, pair each allow-rule step with the concrete kubectl apply command and the verification command so the workflow is fully executable end-to-end.

DimensionReasoningScore

Conciseness

The body is lean and dense, with no padding explaining concepts Claude already knows (e.g., what Kubernetes or a CNI is); each section — Prerequisites, Instructions, Error Handling — earns its place with actionable, specific content.

3 / 3

Actionability

Provides concrete commands (kubectl exec, calicoctl node status, cilium monitor) and specific ports, but gives no inline NetworkPolicy manifest example, and the real template in assets/network_policy_template.yaml is never referenced — a key detail is missing for a manifest-generation skill.

2 / 3

Workflow Clarity

A clear 9-step sequence with explicit validation/feedback checkpoints: apply to a test namespace first, verify connectivity with kubectl exec, monitor CNI logs, and iterate by adding allow rules for blocked traffic — a proper apply -> verify -> iterate loop for a risky operation.

3 / 3

Progressive Disclosure

Sections are well organized, but bundle files exist (assets/network_policy_template.yaml, scripts/generate_network_policy.py, references/) that are never referenced or signaled from the body, so the disclosure structure is incomplete and navigation to those resources is missing.

2 / 3

Total

10

/

12

Passed

Description

90%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A strong description that clearly states its purpose and supplies explicit, natural trigger phrases. Its only weakness is specificity, where it names one primary concrete action rather than enumerating several distinct capabilities.

DimensionReasoningScore

Specificity

Names the domain and a concrete action ("Generates Kubernetes NetworkPolicy manifests following least privilege and zero-trust principles") but does not list multiple distinct concrete actions like the score-3 anchor; the operational verbs are mostly subsumed under a single 'generate manifests' capability.

2 / 3

Completeness

Explicitly answers both 'what' (generates NetworkPolicy manifests) and 'when' ("Execute use when managing... Trigger with phrases like..."), matching the score-3 anchor with explicit triggers.

3 / 3

Trigger Term Quality

Provides natural trigger phrases a user would actually say — "create network policy", "configure firewall rules", "restrict pod communication", "setup ingress/egress rules" — giving good coverage of natural terms.

3 / 3

Distinctiveness Conflict Risk

Occupies a clear niche (Kubernetes NetworkPolicy manifests) with distinct triggers, making it unlikely to fire for an unrelated skill.

3 / 3

Total

11

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

14

/

16

Passed

Repository
jeremylongshore/claude-code-plugins-plus-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.