Agent skill

secure-by-design-pattern-library

Secure-by-design architecture patterns for Kubernetes. Zero trust, defense in depth, least privilege, and fail-secure patterns with implementation examples and threat models.

Stars 1
Forks 2

Install this agent skill to your Project

npx add-skill https://github.com/adaptive-enforcement-lab/claude-skills/tree/main/plugins/patterns/skills/secure-by-design-pattern-library

SKILL.md

Secure-by-Design Pattern Library

When to Use This Skill

Building security into architecture from the ground up, not bolting it on afterward. These patterns enforce security properties at the application, network, and admission control layers, making violations visible and costly.

Implementation

See the full implementation guide in the source documentation.

Techniques

Integration Patterns

End-to-End Deployment

Complete example combining all patterns:

  • Zero trust mTLS communication
  • Defense in depth pod hardening
  • Least privilege RBAC configuration
  • Fail secure admission controls

Security Audit Checklist

Verification checklist before deployment:

  • Zero Trust: mTLS policies in place
  • Defense in Depth: Pod security contexts enforced
  • Network Policies: Default-deny rules configured
  • Least Privilege: Minimal RBAC permissions
  • Fail Secure: Admission webhooks with failurePolicy: Fail

References

Expand your agent's capabilities with these related and highly-rated skills.

Didn't find tool you were looking for?

Be as detailed as possible for better results