managing-network-policies
Execute use when managing Kubernetes network policies and firewall rules. Trigger with phrases like "create network policy", "configure firewall rules", "restrict pod communication", or "setup ingress/egress rules". Generates Kubernetes NetworkPolicy manifests following least privilege and zero-trust principles.
Install with Tessl CLI
npx tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill managing-network-policies80
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-structured skill description with excellent trigger term coverage and clear when/what guidance. The main weakness is that the 'what' portion could be more specific about the range of concrete actions beyond just generating manifests. The description effectively carves out a distinct niche in Kubernetes network security.
Suggestions
Expand the capabilities section to list 2-3 more specific actions (e.g., 'audit existing policies', 'validate network rules', 'troubleshoot pod connectivity issues')
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (Kubernetes network policies/firewall rules) and mentions generating NetworkPolicy manifests, but doesn't list multiple concrete actions beyond 'generates manifests'. Could specify more actions like 'audit existing policies', 'validate rules', or 'troubleshoot connectivity'. | 2 / 3 |
Completeness | Clearly answers both what (generates Kubernetes NetworkPolicy manifests following least privilege/zero-trust) and when (explicit 'Trigger with phrases like...' clause with multiple examples). The 'Execute use when' and 'Trigger with' clauses provide explicit guidance. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger phrases: 'create network policy', 'configure firewall rules', 'restrict pod communication', 'setup ingress/egress rules'. These are terms users would naturally say when needing this skill. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with specific Kubernetes networking focus. Trigger terms like 'NetworkPolicy', 'pod communication', 'ingress/egress rules' are niche enough to avoid conflicts with general Kubernetes or generic firewall skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides solid, actionable Kubernetes NetworkPolicy examples with good error handling coverage. However, it suffers from some structural issues including duplicate overview sections, vague validation steps in the workflow, and could benefit from better organization with external references for the lengthy YAML examples.
Suggestions
Add explicit validation commands in the workflow (e.g., 'kubectl describe networkpolicy <name>' to verify policy is applied, 'kubectl exec' to test connectivity)
Remove duplicate '## Overview' section and generic boilerplate text to improve conciseness
Move detailed YAML examples to a separate EXAMPLES.md file and keep only a minimal example in SKILL.md
Add a feedback loop step: 'If connectivity test fails, check network plugin logs with: kubectl logs -n kube-system -l k8s-app=calico-node'
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Contains some unnecessary boilerplate (duplicate '## Overview' sections, generic phrases like 'This skill provides automated assistance'), but the YAML examples are appropriately lean and the error handling section is efficient. | 2 / 3 |
Actionability | Provides fully executable YAML manifests that are copy-paste ready, includes specific kubectl commands for debugging, and gives concrete examples of both ingress and egress policies with real port numbers and selectors. | 3 / 3 |
Workflow Clarity | Steps are listed but validation is vague ('Test Policies: Verify connectivity works as expected'). Missing explicit validation commands or feedback loops for verifying policy application before moving to production. | 2 / 3 |
Progressive Disclosure | References external resources and example directories, but the main content is somewhat monolithic. The YAML examples could be split into separate reference files, with SKILL.md providing a concise overview and links. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.