
from cybersecurity-skills-zh10
Step-by-step guidance to deploy HashiCorp Vault for centralized secrets management: dynamic credentials, transit encryption, PKI, Kubernetes integration, and au
This skill provides a comprehensive, practical guide for deploying HashiCorp Vault to manage secrets centrally across cloud and Kubernetes environments. It explains HA deployment patterns (Raft), TLS and auto-unseal, authentication backends (AppRole, OIDC, Kubernetes), dynamic database credentials, AWS IAM credential generation, Transit encryption for application-level crypto, and PKI for certificate issuance. The documentation includes config snippets, CLI examples, and operational checks for secure production use.
Use this skill when migrating from static, long-lived credentials to dynamic, short-lived secrets; when Kubernetes workloads need secure secret injection; when compliance requires auditable credential management; or when you need centralized PKI and encryption-as-a-service. It is not aimed at AWS-only shops where Secrets Manager suffices.
Useful as a manual runbook for security engineers and as a knowledge skill for agents assisting with ops guidance and IaC generation.
Comprehensive HashiCorp Vault secrets management skill covering HA deployment, auth methods (AppRole, OIDC, K8s), dynamic secrets engines, Transit encryption, PKI, and policies. Entirely in Chinese. The bundled script (agent.py) is a minimal Vault audit tool that requires --target and --token args; it failed in dry-run because those args weren't provided. The SKILL.md itself is well-written with detailed steps, code examples, and practical scenarios.
Well-structured cybersecurity skill with good coverage of Vault concepts. The script is basic but functional. No security concerns — no hardcoded real credentials, no destructive commands, no exfiltration. Main limitation is the Chinese-only content and the script lacking a dry-run/no-args mode.