managing-network-policies
tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill managing-network-policiesExecute use when managing Kubernetes network policies and firewall rules. Trigger with phrases like "create network policy", "configure firewall rules", "restrict pod communication", or "setup ingress/egress rules". Generates Kubernetes NetworkPolicy manifests following least privilege and zero-trust principles.
Validation
81%| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 13 / 16 Passed | |
Implementation
65%This skill provides solid, actionable NetworkPolicy examples with good error handling coverage. However, it suffers from some boilerplate verbosity, a corrupted/duplicated section mid-document, and lacks explicit validation commands for testing policies after application. The workflow would benefit from concrete kubectl commands for verification steps.
Suggestions
Add explicit validation commands in the workflow (e.g., 'kubectl exec -it test-pod -- curl backend:8080' to verify connectivity before/after policy changes)
Remove the duplicate/corrupted '## Overview' and 'Example usage patterns will be demonstrated in context' text that appears mid-YAML
Replace the generic prerequisites with a brief note about required network plugin support, removing explanations Claude already knows
Add a feedback loop step with specific commands for checking network plugin logs (e.g., 'kubectl logs -n kube-system -l k8s-app=calico-node | grep -i deny')
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Contains some unnecessary boilerplate (duplicate '## Overview' sections, generic 'This skill provides automated assistance' text) and the prerequisites section explains concepts Claude likely knows, but the core content is reasonably efficient. | 2 / 3 |
Actionability | Provides complete, executable YAML manifests that are copy-paste ready, with specific examples for ingress, egress, and default-deny policies. The kubectl command for label verification is concrete and useful. | 3 / 3 |
Workflow Clarity | Steps are listed but lack explicit validation checkpoints. For network policies (which can break connectivity), there should be explicit 'test connectivity before/after' commands and a feedback loop for iterating on blocked traffic, not just 'Test Policies' as a vague step. | 2 / 3 |
Progressive Disclosure | Content is reasonably organized with clear sections, but the YAML examples are quite long inline. References to external resources exist but the skill could better signal when to use the referenced examples directory vs inline content. | 2 / 3 |
Total | 9 / 12 Passed |
Activation
90%This is a well-structured skill description with excellent trigger term coverage and clear 'when to use' guidance. The main weakness is that the 'what it does' portion could be more specific about the range of concrete actions beyond just generating manifests. The description effectively carves out a distinct niche in the Kubernetes ecosystem.
Suggestions
Expand the capabilities section to list 2-3 more specific actions (e.g., 'audit existing policies', 'validate network rules', 'troubleshoot pod connectivity issues')
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (Kubernetes network policies/firewall rules) and mentions generating NetworkPolicy manifests, but doesn't list multiple concrete actions beyond 'generates manifests'. Could specify more actions like 'audit existing policies', 'validate rules', or 'troubleshoot connectivity'. | 2 / 3 |
Completeness | Explicitly answers both what ('Generates Kubernetes NetworkPolicy manifests following least privilege and zero-trust principles') and when ('Execute use when managing Kubernetes network policies and firewall rules. Trigger with phrases like...'). Has clear explicit trigger guidance. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger phrases: 'create network policy', 'configure firewall rules', 'restrict pod communication', 'setup ingress/egress rules'. These are terms users would naturally say when needing this skill. | 3 / 3 |
Distinctiveness Conflict Risk | Very specific niche focused on Kubernetes NetworkPolicy manifests with distinct triggers like 'network policy', 'pod communication', 'ingress/egress rules'. Unlikely to conflict with general Kubernetes skills or generic firewall tools. | 3 / 3 |
Total | 11 / 12 Passed |
Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.