ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cluster Agent Swarm

v0.1.0

Complete Platform Agent Swarm — A coordinated multi-agent system for Kubernetes and OpenShift platform operations. Includes Orchestrator (Jarvis), Cluster Op...

0· 336·0 current·0 all-time
byChin K@kcns008
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (multi-agent cluster operations) matches the listed tools (kubectl, oc, argocd, helm, kustomize, cloud CLIs). However, the skill does not declare any required credentials or config paths even though legitimate operation requires kubeconfigs and cloud provider credentials; that omission is unexpected and should be explained.
Instruction Scope
SKILL.md instructs agents to read cluster state, run GitOps operations, scan images/SBOMs, and run runbooks. Those actions legitimately require access to cluster state and registries. The instructions do not explicitly reference which local files or env vars (e.g., ~/.kube/config, KUBECONFIG, AWS/GCP creds, ArgoCD tokens) will be read or required, creating ambiguity about what the agent will access at runtime.
Install Mechanism
The packaged skill is instruction-only (no install spec). The document recommends installing via 'npx skills add https://github.com/…', which would fetch and run code from a third‑party GitHub repository. Fetching runtime code from an external repo is common but increases risk if the repository is unvetted; no checksum, release tag, or verified publisher is provided.
!
Credentials
Despite describing actions that require privileged credentials (kubeconfig, cloud provider credentials, registry credentials, ArgoCD tokens), the skill declares no required environment variables or primary credential. Asking to operate on clusters without declaring expected credentials is disproportionate and obscures what sensitive secrets the agent will need or access.
Persistence & Privilege
always:false (good). The metadata includes heartbeat schedules causing periodic autonomous activity; autonomous invocation is platform-default but combined with missing credential declarations and broad operational scope increases the blast radius. The skill also documents auto-subscription behavior (agents receive all comments once subscribed), which could cause persistent collection of task/comment data.
What to consider before installing
This skill claims broad, privileged cluster control but does not declare what credentials or config paths it needs and recommends pulling code from an external GitHub repo. Before installing: (1) Review the referenced GitHub repository and the actual skill code (do not run 'npx' blindly); (2) Verify exactly which credentials and kubeconfigs the skill will use and ensure least-privilege service accounts are provided (avoid cluster-admin); (3) Run first in an isolated/staging environment and audit actions/logs; (4) Require human approval gating for any destructive operations and confirm the promised 'cannot do' guardrails are enforced in code; (5) Prefer explicit environment-variable declarations and documented auth flows (e.g., use dedicated service accounts, short-lived tokens) — if the author cannot provide these, treat the package as higher risk.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ah523byc2j8kqhpyfc65sch8261xc
336downloads
0stars
1versions
Updated 7h ago
v0.1.0
MIT-0
Chin K@kcns008
latest
Download

Cluster Agent Swarm — Complete Platform Operations

This is the complete cluster-agent-swarm skill package. When you add this skill, you get access to ALL 7 specialized agents working together as a coordinated swarm.

Installation Options

Install All Skills (Recommended)

npx skills add https://github.com/kcns008/cluster-agent-swarm-skills

This installs all 7 agents as a single combined skill with access to all capabilities.

Install Individual Skills

Each agent can also be installed separately:

# Orchestrator - Task routing and coordination
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/orchestrator

# Cluster Ops - Atlas (cluster operations)
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/cluster-ops

# GitOps - Flow (ArgoCD, Helm, Kustomize)
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/gitops

# Security - Shield (RBAC, policies, CVEs)
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/security

# Observability - Pulse (metrics, alerts, incidents)
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/observability

# Artifacts - Cache (registries, SBOM, promotions)
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/artifacts

# Developer Experience - Desk (namespaces, onboarding)
npx skills add https://github.com/kcns008/cluster-agent-swarm-skills/skills/developer-experience

The Swarm — Agent Roster

AgentCode NameSession KeyDomain
OrchestratorJarvisagent:platform:orchestratorTask routing, coordination, standups
Cluster OpsAtlasagent:platform:cluster-opsCluster lifecycle, nodes, upgrades
GitOpsFlowagent:platform:gitopsArgoCD, Helm, Kustomize, deploys
SecurityShieldagent:platform:securityRBAC, policies, secrets, scanning
ObservabilityPulseagent:platform:observabilityMetrics, logs, alerts, incidents
ArtifactsCacheagent:platform:artifactsRegistries, SBOM, promotion, CVEs
Developer ExperienceDeskagent:platform:developer-experienceNamespaces, onboarding, support

Agent Capabilities Summary

What Agents CAN Do

  • Read cluster state (kubectl get, kubectl describe, oc get)
  • Deploy via GitOps (argocd app sync, Flux reconciliation)
  • Create documentation and reports
  • Investigate and triage incidents
  • Provision standard resources (namespaces, quotas, RBAC)
  • Run health checks and audits
  • Scan images and generate SBOMs
  • Query metrics and logs
  • Execute pre-approved runbooks

What Agents CANNOT Do (Human-in-the-Loop Required)

  • Delete production resources (kubectl delete in prod)
  • Modify cluster-wide policies (NetworkPolicy, OPA, Kyverno cluster policies)
  • Make direct changes to secrets without rotation workflow
  • Modify network routes or service mesh configuration
  • Scale beyond defined resource limits
  • Perform irreversible cluster upgrades
  • Approve production deployments (can prepare, human approves)
  • Change RBAC at cluster-admin level

Communication Patterns

@Mentions

Agents communicate via @mentions in shared task comments:

@Shield Please review the RBAC for payment-service v3.2 before I sync.
@Pulse Is the CPU spike related to the deployment or external traffic?
@Atlas The staging cluster needs 2 more worker nodes.

Thread Subscriptions

  • Commenting on a task → auto-subscribe
  • Being @mentioned → auto-subscribe
  • Being assigned → auto-subscribe
  • Once subscribed → receive ALL future comments on heartbeat

Escalation Path

  1. Agent detects issue
  2. Agent attempts resolution within guardrails
  3. If blocked → @mention another agent or escalate to human
  4. P1 incidents → all relevant agents auto-notified

Heartbeat Schedule

Agents wake on staggered 5-minute intervals:

*/5  * * * *  Atlas   (Cluster Ops - needs fast response for incidents)
*/5  * * * *  Pulse   (Observability - needs fast response for alerts)
*/5  * * * *  Shield  (Security - fast response for CVEs and threats)
*/10 * * * *  Flow    (GitOps - deployments can wait a few minutes)
*/10 * * * *  Cache   (Artifacts - promotions are scheduled)
*/15 * * * *  Desk    (DevEx - developer requests aren't usually urgent)
*/15 * * * *  Orchestrator (Coordination - overview and standups)

Key Principles

  • Roles over genericism — Each agent has a defined SOUL with exactly who they are
  • Files over mental notes — Only files persist between sessions
  • Staggered schedules — Don't wake all agents at once
  • Shared context — One source of truth for tasks and communication
  • Heartbeat, not always-on — Balance responsiveness with cost
  • Human-in-the-loop — Critical actions require approval
  • Guardrails over freedom — Define what agents can and cannot do
  • Audit everything — Every action logged to activity feed
  • Reliability first — System stability always wins over new features
  • Security by default — Deny access, approve by exception

Detailed Agent Capabilities

Orchestrator (Jarvis)

  • Task routing: determining which agent should handle which request
  • Workflow orchestration: coordinating multi-agent operations
  • Daily standups: compiling swarm-wide status reports
  • Priority management: determining urgency and sequencing of work
  • Cross-agent communication: facilitating collaboration
  • Accountability: tracking what was promised vs what was delivered

Cluster Ops (Atlas)

  • OpenShift/Kubernetes cluster operations (upgrades, scaling, patching)
  • Node pool management and autoscaling
  • Resource quota management and capacity planning
  • Network troubleshooting (OVN-Kubernetes, Cilium, Calico)
  • Storage class management and PVC/CSI issues
  • etcd backup, restore, and health monitoring
  • Multi-platform expertise (OCP, EKS, AKS, GKE, ROSA, ARO)

GitOps (Flow)

  • ArgoCD application management (sync, rollback, sync waves, hooks)
  • Helm chart development, debugging, and templating
  • Kustomize overlays and patch generation
  • ApplicationSet templates for multi-cluster deployments
  • Deployment strategy management (canary, blue-green, rolling)
  • Git repository management and branching strategies
  • Drift detection and remediation
  • Secrets management integration (Vault, Sealed Secrets, External Secrets)

Security (Shield)

  • RBAC audit and management
  • NetworkPolicy review and enforcement
  • Security policy validation (OPA, Kyverno)
  • Vulnerability scanning (image scanning, CVE triage)
  • Secret rotation workflows
  • Security incident investigation
  • Compliance reporting

Observability (Pulse)

  • Prometheus/Grafana metric queries
  • Log aggregation and search (Loki, Elasticsearch)
  • Alert triage and investigation
  • SLO tracking and error budget monitoring
  • Incident response coordination
  • Dashboards and visualization
  • Telemetry pipeline troubleshooting

Artifacts (Cache)

  • Container registry management
  • Image scanning and CVE analysis
  • SBOM generation and tracking
  • Artifact promotion workflows
  • Version management
  • Registry caching and proxying

Developer Experience (Desk)

  • Namespace provisioning
  • Resource quota and limit range management
  • Developer onboarding
  • Template generation
  • Developer support and troubleshooting
  • Documentation generation

File Structure

cluster-agent-swarm-skills/
├── SKILL.md                    # This file - combined swarm
├── AGENTS.md                   # Swarm configuration and protocols
├── skills/
│   ├── orchestrator/           # Jarvis - task routing
│   │   └── SKILL.md
│   ├── cluster-ops/            # Atlas - cluster operations
│   │   └── SKILL.md
│   ├── gitops/                 # Flow - GitOps
│   │   └── SKILL.md
│   ├── security/               # Shield - security
│   │   └── SKILL.md
│   ├── observability/          # Pulse - monitoring
│   │   └── SKILL.md
│   ├── artifacts/              # Cache - artifacts
│   │   └── SKILL.md
│   └── developer-experience/   # Desk - DevEx
│       └── SKILL.md
├── scripts/                    # Shared scripts
└── references/                 # Shared documentation

Reference Documentation

For detailed capabilities of each agent, refer to individual SKILL.md files:

  • skills/orchestrator/SKILL.md - Full Orchestrator documentation
  • skills/cluster-ops/SKILL.md - Full Cluster Ops documentation
  • skills/gitops/SKILL.md - Full GitOps documentation
  • skills/security/SKILL.md - Full Security documentation
  • skills/observability/SKILL.md - Full Observability documentation
  • skills/artifacts/SKILL.md - Full Artifacts documentation
  • skills/developer-experience/SKILL.md - Full Developer Experience documentation

Comments

Loading comments...