Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Kubernetes Manifest Audit

БесплатноНе проверен

kube-linter audit for Kubernetes manifests — 63 checks: security, availability, RBAC, network.

GitHubEmbed

Описание

kube-linter audit for Kubernetes manifests — 63 checks: security, availability, RBAC, network.

README

k8s-manifest-audit — static audit of Kubernetes manifests via MCP. Powered by kube-linter. Part of the Unbearable Labs audit shop.

Built by Unbearable Labs. Pay-per-event pricing — only billed when a tool is actually called.


What it does

Point any MCP-capable client (Claude Desktop, Cursor, n8n, Make, Zapier, custom agents) at this server, hand it a Kubernetes manifest or directory of manifests, get back a structured report:

  • Severity — high / medium / low / info
  • Check ID — kube-linter check name (e.g. privileged-container, unset-cpu-requirements)
  • Category — security / resources / availability / network / rbac / images / config
  • Message — what kube-linter found and where
  • Remediation hint — what to do about it
  • Object location — kind, name, namespace of the offending resource

63 checks total (31 enabled by default). Covers Deployment, Service, Ingress, ConfigMap, Secret, StatefulSet, DaemonSet, Job, CronJob, NetworkPolicy, RBAC, HPA, PDB, and more.

Tools

Tool Pricing Purpose
audit_manifest(yaml_content) $0.02 Audit a single YAML string (may contain multi-doc ---)
audit_directory(files) $0.02 Audit multiple files — cross-file checks work correctly
list_checks(enabled_only=False) $0.005 Browse the full 63-check catalog with severity + category
explain_check(check_id) $0.005 Get description + remediation for one specific check

Quick start

{
  "mcpServers": {
    "k8s-manifest-audit": {
      "url": "https://unbearable-dev--k8s-manifest-audit.apify.actor/mcp",
      "headers": { "Authorization": "Bearer <YOUR_APIFY_TOKEN>" }
    }
  }
}

Check catalog (sample — 63 checks total)

Check ID Category Severity (mapped)
privileged-container security high
privilege-escalation-container security high
run-as-non-root security high
env-var-secret security high
host-pid / host-ipc / host-network security high
wildcard-in-rules rbac high
cluster-admin-role-binding rbac high
unset-cpu-requirements resources medium
unset-memory-requirements resources medium
no-liveness-probe / no-readiness-probe availability medium
latest-tag images medium
minimum-three-replicas availability medium
no-rolling-update-strategy availability medium
dangling-service / dangling-ingress config low
use-namespace config low

Use list_checks to get the full, up-to-date catalog.

Pricing

Event USD
audit_manifest or audit_directory call $0.02
list_checks or explain_check call $0.005

Powered by kube-linter (MIT, StackRox/Red Hat).


Built by Noel @ Unbearable Labs — more like this in the weekly newsletter.

from github.com/UnbearableDev/k8s-manifest-audit

Установка Kubernetes Manifest Audit

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/UnbearableDev/k8s-manifest-audit

FAQ

Kubernetes Manifest Audit MCP бесплатный?

Да, Kubernetes Manifest Audit MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Kubernetes Manifest Audit?

Нет, Kubernetes Manifest Audit работает без API-ключей и переменных окружения.

Kubernetes Manifest Audit — hosted или self-hosted?

Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.

Как установить Kubernetes Manifest Audit в Claude Desktop, Claude Code или Cursor?

Открой Kubernetes Manifest Audit на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Kubernetes Manifest Audit with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории development