← Back to Skills Marketplace
k8s-ops
by
CN-big-cabbage
· GitHub ↗
· v2.1.0
· MIT-0
125
Downloads
1
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install k8s-ops
Description
Kubernetes operations plugin — 32 tools for cluster management, monitoring, troubleshooting, and security auditing
README (SKILL.md)
k8s-ops
Kubernetes operations plugin for OpenClaw. Provides 32 tools covering the full lifecycle of K8s cluster management.
Tools
- Pod Management: list, inspect, exec, logs, port-forward
- Deployments: status, rollout, scale, restart
- Services & Networking: services, ingress, gateway, network policies
- Workloads: jobs, cronjobs, daemonsets, statefulsets, HPA
- Storage: PV/PVC management
- Security: RBAC audit, security scanning, pod security policies
- Observability: events, metrics, health checks, cost analysis
- Troubleshooting: diagnostics, topology, event analysis
- Advanced: CRDs, Helm releases, PDB, YAML generation, namespace management
Requirements
kubectlinstalled and configured with cluster access- Valid kubeconfig (defaults to
~/.kube/config)
Configuration
Optional plugin config:
| Field | Description |
|---|---|
kubeconfigPath |
Custom path to kubeconfig file |
defaultContext |
Default Kubernetes context to use |
hosts |
SSH target hosts for sys-monitor tool |
Usage Guidance
This plugin claims to be a Kubernetes toolbox and that part is plausible, but the actual tool implementations are imported from @k8s-ops/core which is not included or linked to a homepage — you cannot audit the code that will run. The plugin will read your kubeconfig (~/.kube/config) and can accept SSH credentials (password or privateKeyPath) via its config, which gives it access to sensitive cluster and host credentials. Before installing: 1) ask the publisher for the source/homepage and the full @k8s-ops/core package so you can review the handlers; 2) avoid supplying real kubeconfigs or private keys until you audit the code; 3) run the plugin in an isolated environment or with least-privilege kubeconfig (read-only, limited namespaces) if you must test; 4) prefer plugins with transparent provenance (public repo, reproducible builds). If the author cannot provide the core package/source, treat this as untrusted.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description, SKILL.md, and the code all claim Kubernetes management and require kubectl/kubeconfig — that is coherent. However the package delegates all tool handlers to @k8s-ops/core (skillRegistry), which is not present in the published files; the plugin also exposes an SSH-related hosts config (password/privateKeyPath) not mentioned in the high-level requirements. These are plausible features for a K8s ops tool but increase the trust surface.
Instruction Scope
SKILL.md only instructs using kubectl and kubeconfig (default ~/.kube/config) which is expected. But the actual handlers are loaded from @k8s-ops/core (skillRegistry) — the SKILL.md does not include the implementation of those 32 tools. Because the runtime handlers are external, we cannot confirm they stay within the stated scope (they could read other files, make network calls, or transmit cluster/SSH credentials).
Install Mechanism
No install spec (instruction-only) reduces install-time risk. However package.json depends on "@k8s-ops/core": "workspace:*" which indicates the real logic lives in a workspace package that is not included here; this unresolved dependency is a supply-chain risk (the core package determines runtime behavior).
Credentials
The skill declares no required env vars but expects a kubeconfig (defaults to ~/.kube/config) and offers optional SSH credentials/privateKeyPath in its config schema. Reading the user's kubeconfig and optionally SSH private keys accesses very sensitive secrets. Those credential accesses are not declared as required environment/config paths in the metadata — a mismatch that increases risk.
Persistence & Privilege
always is false and there is no indication the plugin demands permanent privileged presence or modifies other skills. It registers tools and runs when invoked. Autonomous invocation is allowed by platform default; that combination is not by itself flagged.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install k8s-ops - After installation, invoke the skill by name or use
/k8s-ops - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.0
feat: add new tools
v2.0.0
Initial monorepo release with 32 Kubernetes management tools
Metadata
Frequently Asked Questions
What is k8s-ops?
Kubernetes operations plugin — 32 tools for cluster management, monitoring, troubleshooting, and security auditing. It is an AI Agent Skill for Claude Code / OpenClaw, with 125 downloads so far.
How do I install k8s-ops?
Run "/install k8s-ops" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is k8s-ops free?
Yes, k8s-ops is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does k8s-ops support?
k8s-ops is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created k8s-ops?
It is built and maintained by CN-big-cabbage (@cn-big-cabbage); the current version is v2.1.0.
More Skills