Agent skill
phase-3-runtime-weeks-9-12
Runtime enforcement phase overview. Policy-as-code with Kyverno, resource limits, image source verification, security context enforcement, and policy observability for production Kubernetes hardening.
Install this agent skill to your Project
npx add-skill https://github.com/adaptive-enforcement-lab/claude-skills/tree/main/plugins/enforce/skills/phase-3-runtime-weeks-9-12
SKILL.md
Phase 3: Runtime (Weeks 9-12)
When to Use This Skill
Phase 3 extends enforcement to runtime through three critical areas:
- Policy Enforcement - Core Kyverno policies for resource limits, image verification, security context
- Advanced Policies - Namespace quotas, pod security standards, network policies
- Rollout Strategy - Audit-first deployment approach and metrics
These controls ensure only compliant workloads run in production.
Implementation
See the full implementation guide in the source documentation.
Related Patterns
- Policy-as-Code with Kyverno
- Pod Security Standards
- Runtime Security
- Implementation Roadmap Overview
- Phase 2: Automation
- Phase 4: Advanced →
References
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
github-token-permissions-overview
Understanding GITHUB_TOKEN scope, default permissions, and implementing least-privilege principle for GitHub Actions workflows.
secure
Find and fix security issues before they become incidents. Vulnerability scanning, SBOM generation, supply chain security, and secure authentication workflows.
complete-workflow-examples
Copy-paste hardened CI/CD workflows with SHA-pinned actions, minimal GITHUB_TOKEN permissions, OIDC authentication, and comprehensive security scanning for GitHub Actions.
ephemeral-runner-patterns
Disposable runner patterns for GitHub Actions. Container-based, VM-based, and ARC deployment strategies with complete state isolation between jobs.
action-pinning-overview
Why pinning GitHub Actions to SHA-256 commits matters for supply chain security. Attack vectors from unpinned actions and comparison of tag vs SHA pinning.
github-actions-security-patterns-hub
Complete security patterns for GitHub Actions covering action pinning, GITHUB_TOKEN permissions, third-party action risks, secret management, and runner security.
Didn't find tool you were looking for?