{ "schemaVersion": "1.0", "item": { "slug": "kubernetes-devops", "name": "Kubernetes", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/wpank/kubernetes-devops", "canonicalUrl": "https://clawhub.ai/wpank/kubernetes-devops", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/kubernetes-devops", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=kubernetes-devops", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "SKILL.md", "assets/configmap-template.yaml", "assets/cronjob-template.yaml", "assets/service-template.yaml", "assets/statefulset-template.yaml" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "slug": "kubernetes-devops", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-04T19:16:30.654Z", "expiresAt": "2026-05-11T19:16:30.654Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=kubernetes-devops", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=kubernetes-devops", "contentDisposition": "attachment; filename=\"kubernetes-devops-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "kubernetes-devops" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/kubernetes-devops" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/kubernetes-devops", "agentPageUrl": "https://openagent3.xyz/skills/kubernetes-devops/agent", "manifestUrl": "https://openagent3.xyz/skills/kubernetes-devops/agent.json", "briefUrl": "https://openagent3.xyz/skills/kubernetes-devops/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Kubernetes", "body": "Production-ready Kubernetes manifest generation covering Deployments, StatefulSets,\nCronJobs, Services, Ingresses, ConfigMaps, Secrets, and PVCs with security contexts,\nhealth checks, and resource management." }, { "title": "OpenClaw / Moltbot / Clawbot", "body": "npx clawhub@latest install kubernetes" }, { "title": "When to Use", "body": "ScenarioExampleCreate deployment manifestsNew microservice needing Deployment + ServiceDefine networking resourcesClusterIP, LoadBalancer, Ingress with TLSManage configurationConfigMaps for app config, Secrets for credentialsStateful workloadsDatabases with StatefulSets + PVCsScheduled jobsCronJobs for batch processingMulti-environment setupKustomize overlays for dev/staging/prod" }, { "title": "Workload Selection", "body": "Workload TypeResourceWhen to UseStateless appDeploymentWeb servers, APIs, microservicesStateful appStatefulSetDatabases, message queues, cachesOne-off taskJobMigrations, data importsScheduled taskCronJobBackups, reports, cleanupPer-node agentDaemonSetLog collectors, monitoring agents" }, { "title": "Deployment", "body": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: my-app\n namespace: production\n labels:\n app.kubernetes.io/name: my-app\n app.kubernetes.io/version: \"1.0.0\"\n app.kubernetes.io/component: backend\nspec:\n replicas: 3\n selector:\n matchLabels:\n app.kubernetes.io/name: my-app\n template:\n metadata:\n labels:\n app.kubernetes.io/name: my-app\n app.kubernetes.io/version: \"1.0.0\"\n spec:\n securityContext:\n runAsNonRoot: true\n runAsUser: 1000\n fsGroup: 1000\n seccompProfile:\n type: RuntimeDefault\n containers:\n - name: my-app\n image: registry.example.com/my-app:1.0.0\n ports:\n - containerPort: 8080\n name: http\n resources:\n requests:\n cpu: 250m\n memory: 256Mi\n limits:\n cpu: 500m\n memory: 512Mi\n securityContext:\n allowPrivilegeEscalation: false\n readOnlyRootFilesystem: true\n capabilities:\n drop: [ALL]\n livenessProbe:\n httpGet:\n path: /health\n port: http\n initialDelaySeconds: 30\n periodSeconds: 10\n readinessProbe:\n httpGet:\n path: /ready\n port: http\n initialDelaySeconds: 5\n periodSeconds: 5\n env:\n - name: LOG_LEVEL\n valueFrom:\n configMapKeyRef:\n name: my-app-config\n key: LOG_LEVEL\n - name: DB_PASSWORD\n valueFrom:\n secretKeyRef:\n name: my-app-secret\n key: DATABASE_PASSWORD" }, { "title": "ClusterIP (Internal)", "body": "apiVersion: v1\nkind: Service\nmetadata:\n name: my-app\n namespace: production\nspec:\n type: ClusterIP\n selector:\n app.kubernetes.io/name: my-app\n ports:\n - name: http\n port: 80\n targetPort: 8080\n protocol: TCP" }, { "title": "LoadBalancer (External)", "body": "apiVersion: v1\nkind: Service\nmetadata:\n name: my-app-lb\n namespace: production\n annotations:\n service.beta.kubernetes.io/aws-load-balancer-type: nlb\nspec:\n type: LoadBalancer\n selector:\n app.kubernetes.io/name: my-app\n ports:\n - name: http\n port: 80\n targetPort: 8080" }, { "title": "Service Type Quick Reference", "body": "TypeScopeUse CaseClusterIPCluster-internalInter-service communicationNodePortExternal via node IPDev/testing, on-premLoadBalancerExternal via cloud LBProduction external accessExternalNameDNS aliasMapping to external services" }, { "title": "Ingress", "body": "apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: my-app\n namespace: production\n annotations:\n cert-manager.io/cluster-issuer: letsencrypt-prod\n nginx.ingress.kubernetes.io/rate-limit: \"100\"\nspec:\n ingressClassName: nginx\n tls:\n - hosts: [app.example.com]\n secretName: app-tls\n rules:\n - host: app.example.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: my-app\n port:\n number: 80" }, { "title": "ConfigMap", "body": "apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: my-app-config\n namespace: production\ndata:\n LOG_LEVEL: info\n APP_MODE: production\n DATABASE_HOST: db.internal.svc.cluster.local\n app.properties: |\n server.port=8080\n server.host=0.0.0.0" }, { "title": "Secret", "body": "apiVersion: v1\nkind: Secret\nmetadata:\n name: my-app-secret\n namespace: production\ntype: Opaque\nstringData:\n DATABASE_PASSWORD: \"changeme\"\n API_KEY: \"secret-api-key\"\n\nImportant: Never commit plaintext Secrets to Git. Use Sealed Secrets,\nExternal Secrets Operator, or Vault for production." }, { "title": "Persistent Storage", "body": "apiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: my-app-data\n namespace: production\nspec:\n accessModes: [ReadWriteOnce]\n storageClassName: gp3\n resources:\n requests:\n storage: 10Gi\n\nMount in a container:\n\ncontainers:\n - name: app\n volumeMounts:\n - name: data\n mountPath: /var/lib/app\nvolumes:\n - name: data\n persistentVolumeClaim:\n claimName: my-app-data\n\nAccess ModeAbbreviationUse CaseReadWriteOnceRWOSingle-pod databasesReadOnlyManyROXShared config/static assetsReadWriteManyRWXMulti-pod shared storage" }, { "title": "Pod-Level", "body": "spec:\n securityContext:\n runAsNonRoot: true\n runAsUser: 1000\n fsGroup: 1000\n seccompProfile:\n type: RuntimeDefault" }, { "title": "Container-Level", "body": "securityContext:\n allowPrivilegeEscalation: false\n readOnlyRootFilesystem: true\n capabilities:\n drop: [ALL]" }, { "title": "Security Checklist", "body": "CheckStatusrunAsNonRoot: trueRequiredallowPrivilegeEscalation: falseRequiredreadOnlyRootFilesystem: trueRecommendedcapabilities.drop: [ALL]RequiredseccompProfile: RuntimeDefaultRecommendedSpecific image tags (never :latest)RequiredResource requests and limits setRequired" }, { "title": "Standard Labels", "body": "metadata:\n labels:\n app.kubernetes.io/name: my-app\n app.kubernetes.io/instance: my-app-prod\n app.kubernetes.io/version: \"1.0.0\"\n app.kubernetes.io/component: backend\n app.kubernetes.io/part-of: my-system\n app.kubernetes.io/managed-by: kubectl" }, { "title": "Option 1 — Separate Files", "body": "manifests/\n├── configmap.yaml\n├── secret.yaml\n├── deployment.yaml\n├── service.yaml\n└── pvc.yaml" }, { "title": "Option 2 — Kustomize", "body": "base/\n├── kustomization.yaml\n├── deployment.yaml\n├── service.yaml\n└── configmap.yaml\noverlays/\n├── dev/\n│ └── kustomization.yaml\n└── prod/\n ├── kustomization.yaml\n └── resource-patch.yaml" }, { "title": "Validation", "body": "# Client-side dry run\nkubectl apply -f manifest.yaml --dry-run=client\n\n# Server-side validation\nkubectl apply -f manifest.yaml --dry-run=server\n\n# Lint with kube-score\nkube-score score manifest.yaml\n\n# Lint with kube-linter\nkube-linter lint manifest.yaml" }, { "title": "Troubleshooting Quick Reference", "body": "ProblemDiagnosisFixPod stuck Pendingkubectl describe pod — check eventsFix resource requests, node capacity, PVC bindingImagePullBackOffWrong image name/tag or missing pull secretVerify image exists, add imagePullSecretsCrashLoopBackOffApp crashes on startCheck logs: kubectl logs --previousService not reachableSelector mismatchVerify kubectl get endpoints is non-emptyConfigMap not loadingName mismatch or wrong namespaceCheck names match and namespace is correctReadiness probe failingWrong path or portVerify health endpoint works inside containerOOMKilledMemory limit too lowIncrease resources.limits.memory" }, { "title": "NEVER Do", "body": "Anti-PatternWhyDo InsteadUse :latest image tagNon-reproducible deploymentsPin exact version: image:1.2.3Skip resource limitsPods can starve the nodeAlways set requests and limitsRun as rootContainer escape = full host accessSet runAsNonRoot: true + USERCommit plaintext SecretsCredentials in Git history foreverUse Sealed Secrets / External Secrets / VaultSkip health checksK8s can't detect unhealthy podsAlways configure liveness + readiness probesOmit labelsCannot filter, select, or organizeUse standard app.kubernetes.io/* labelsSingle replica for productionZero availability during updatesUse replicas: 3 minimum for HAHardcode config in containersRequires rebuild for config changesUse ConfigMaps and Secrets" }, { "title": "Assets (Templates)", "body": "TemplateDescriptionassets/deployment-template.yamlProduction Deployment with security + probesassets/service-template.yamlClusterIP, LoadBalancer, NodePort examplesassets/configmap-template.yamlConfigMap with data typesassets/statefulset-template.yamlStatefulSet with headless Service + PVCassets/cronjob-template.yamlCronJob with concurrency + historyassets/ingress-template.yamlIngress with TLS, rate limiting, CORS" }, { "title": "References", "body": "ReferenceDescriptionreferences/deployment-spec.mdDetailed Deployment specificationreferences/service-spec.mdService types and networking details" } ], "body": "Kubernetes\n\nProduction-ready Kubernetes manifest generation covering Deployments, StatefulSets, CronJobs, Services, Ingresses, ConfigMaps, Secrets, and PVCs with security contexts, health checks, and resource management.\n\nInstallation\nOpenClaw / Moltbot / Clawbot\nnpx clawhub@latest install kubernetes\n\nWhen to Use\nScenario\tExample\nCreate deployment manifests\tNew microservice needing Deployment + Service\nDefine networking resources\tClusterIP, LoadBalancer, Ingress with TLS\nManage configuration\tConfigMaps for app config, Secrets for credentials\nStateful workloads\tDatabases with StatefulSets + PVCs\nScheduled jobs\tCronJobs for batch processing\nMulti-environment setup\tKustomize overlays for dev/staging/prod\nWorkload Selection\nWorkload Type\tResource\tWhen to Use\nStateless app\tDeployment\tWeb servers, APIs, microservices\nStateful app\tStatefulSet\tDatabases, message queues, caches\nOne-off task\tJob\tMigrations, data imports\nScheduled task\tCronJob\tBackups, reports, cleanup\nPer-node agent\tDaemonSet\tLog collectors, monitoring agents\nDeployment\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: my-app\n namespace: production\n labels:\n app.kubernetes.io/name: my-app\n app.kubernetes.io/version: \"1.0.0\"\n app.kubernetes.io/component: backend\nspec:\n replicas: 3\n selector:\n matchLabels:\n app.kubernetes.io/name: my-app\n template:\n metadata:\n labels:\n app.kubernetes.io/name: my-app\n app.kubernetes.io/version: \"1.0.0\"\n spec:\n securityContext:\n runAsNonRoot: true\n runAsUser: 1000\n fsGroup: 1000\n seccompProfile:\n type: RuntimeDefault\n containers:\n - name: my-app\n image: registry.example.com/my-app:1.0.0\n ports:\n - containerPort: 8080\n name: http\n resources:\n requests:\n cpu: 250m\n memory: 256Mi\n limits:\n cpu: 500m\n memory: 512Mi\n securityContext:\n allowPrivilegeEscalation: false\n readOnlyRootFilesystem: true\n capabilities:\n drop: [ALL]\n livenessProbe:\n httpGet:\n path: /health\n port: http\n initialDelaySeconds: 30\n periodSeconds: 10\n readinessProbe:\n httpGet:\n path: /ready\n port: http\n initialDelaySeconds: 5\n periodSeconds: 5\n env:\n - name: LOG_LEVEL\n valueFrom:\n configMapKeyRef:\n name: my-app-config\n key: LOG_LEVEL\n - name: DB_PASSWORD\n valueFrom:\n secretKeyRef:\n name: my-app-secret\n key: DATABASE_PASSWORD\n\nServices\nClusterIP (Internal)\napiVersion: v1\nkind: Service\nmetadata:\n name: my-app\n namespace: production\nspec:\n type: ClusterIP\n selector:\n app.kubernetes.io/name: my-app\n ports:\n - name: http\n port: 80\n targetPort: 8080\n protocol: TCP\n\nLoadBalancer (External)\napiVersion: v1\nkind: Service\nmetadata:\n name: my-app-lb\n namespace: production\n annotations:\n service.beta.kubernetes.io/aws-load-balancer-type: nlb\nspec:\n type: LoadBalancer\n selector:\n app.kubernetes.io/name: my-app\n ports:\n - name: http\n port: 80\n targetPort: 8080\n\nService Type Quick Reference\nType\tScope\tUse Case\nClusterIP\tCluster-internal\tInter-service communication\nNodePort\tExternal via node IP\tDev/testing, on-prem\nLoadBalancer\tExternal via cloud LB\tProduction external access\nExternalName\tDNS alias\tMapping to external services\nIngress\napiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: my-app\n namespace: production\n annotations:\n cert-manager.io/cluster-issuer: letsencrypt-prod\n nginx.ingress.kubernetes.io/rate-limit: \"100\"\nspec:\n ingressClassName: nginx\n tls:\n - hosts: [app.example.com]\n secretName: app-tls\n rules:\n - host: app.example.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: my-app\n port:\n number: 80\n\nConfigMap & Secret\nConfigMap\napiVersion: v1\nkind: ConfigMap\nmetadata:\n name: my-app-config\n namespace: production\ndata:\n LOG_LEVEL: info\n APP_MODE: production\n DATABASE_HOST: db.internal.svc.cluster.local\n app.properties: |\n server.port=8080\n server.host=0.0.0.0\n\nSecret\napiVersion: v1\nkind: Secret\nmetadata:\n name: my-app-secret\n namespace: production\ntype: Opaque\nstringData:\n DATABASE_PASSWORD: \"changeme\"\n API_KEY: \"secret-api-key\"\n\n\nImportant: Never commit plaintext Secrets to Git. Use Sealed Secrets, External Secrets Operator, or Vault for production.\n\nPersistent Storage\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: my-app-data\n namespace: production\nspec:\n accessModes: [ReadWriteOnce]\n storageClassName: gp3\n resources:\n requests:\n storage: 10Gi\n\n\nMount in a container:\n\ncontainers:\n - name: app\n volumeMounts:\n - name: data\n mountPath: /var/lib/app\nvolumes:\n - name: data\n persistentVolumeClaim:\n claimName: my-app-data\n\nAccess Mode\tAbbreviation\tUse Case\nReadWriteOnce\tRWO\tSingle-pod databases\nReadOnlyMany\tROX\tShared config/static assets\nReadWriteMany\tRWX\tMulti-pod shared storage\nSecurity Context\nPod-Level\nspec:\n securityContext:\n runAsNonRoot: true\n runAsUser: 1000\n fsGroup: 1000\n seccompProfile:\n type: RuntimeDefault\n\nContainer-Level\nsecurityContext:\n allowPrivilegeEscalation: false\n readOnlyRootFilesystem: true\n capabilities:\n drop: [ALL]\n\nSecurity Checklist\nCheck\tStatus\nrunAsNonRoot: true\tRequired\nallowPrivilegeEscalation: false\tRequired\nreadOnlyRootFilesystem: true\tRecommended\ncapabilities.drop: [ALL]\tRequired\nseccompProfile: RuntimeDefault\tRecommended\nSpecific image tags (never :latest)\tRequired\nResource requests and limits set\tRequired\nStandard Labels\nmetadata:\n labels:\n app.kubernetes.io/name: my-app\n app.kubernetes.io/instance: my-app-prod\n app.kubernetes.io/version: \"1.0.0\"\n app.kubernetes.io/component: backend\n app.kubernetes.io/part-of: my-system\n app.kubernetes.io/managed-by: kubectl\n\nManifest Organization\nOption 1 — Separate Files\nmanifests/\n├── configmap.yaml\n├── secret.yaml\n├── deployment.yaml\n├── service.yaml\n└── pvc.yaml\n\nOption 2 — Kustomize\nbase/\n├── kustomization.yaml\n├── deployment.yaml\n├── service.yaml\n└── configmap.yaml\noverlays/\n├── dev/\n│ └── kustomization.yaml\n└── prod/\n ├── kustomization.yaml\n └── resource-patch.yaml\n\nValidation\n# Client-side dry run\nkubectl apply -f manifest.yaml --dry-run=client\n\n# Server-side validation\nkubectl apply -f manifest.yaml --dry-run=server\n\n# Lint with kube-score\nkube-score score manifest.yaml\n\n# Lint with kube-linter\nkube-linter lint manifest.yaml\n\nTroubleshooting Quick Reference\nProblem\tDiagnosis\tFix\nPod stuck Pending\tkubectl describe pod — check events\tFix resource requests, node capacity, PVC binding\nImagePullBackOff\tWrong image name/tag or missing pull secret\tVerify image exists, add imagePullSecrets\nCrashLoopBackOff\tApp crashes on start\tCheck logs: kubectl logs --previous\nService not reachable\tSelector mismatch\tVerify kubectl get endpoints is non-empty\nConfigMap not loading\tName mismatch or wrong namespace\tCheck names match and namespace is correct\nReadiness probe failing\tWrong path or port\tVerify health endpoint works inside container\nOOMKilled\tMemory limit too low\tIncrease resources.limits.memory\nNEVER Do\nAnti-Pattern\tWhy\tDo Instead\nUse :latest image tag\tNon-reproducible deployments\tPin exact version: image:1.2.3\nSkip resource limits\tPods can starve the node\tAlways set requests and limits\nRun as root\tContainer escape = full host access\tSet runAsNonRoot: true + USER\nCommit plaintext Secrets\tCredentials in Git history forever\tUse Sealed Secrets / External Secrets / Vault\nSkip health checks\tK8s can't detect unhealthy pods\tAlways configure liveness + readiness probes\nOmit labels\tCannot filter, select, or organize\tUse standard app.kubernetes.io/* labels\nSingle replica for production\tZero availability during updates\tUse replicas: 3 minimum for HA\nHardcode config in containers\tRequires rebuild for config changes\tUse ConfigMaps and Secrets\nAssets & References\nAssets (Templates)\nTemplate\tDescription\nassets/deployment-template.yaml\tProduction Deployment with security + probes\nassets/service-template.yaml\tClusterIP, LoadBalancer, NodePort examples\nassets/configmap-template.yaml\tConfigMap with data types\nassets/statefulset-template.yaml\tStatefulSet with headless Service + PVC\nassets/cronjob-template.yaml\tCronJob with concurrency + history\nassets/ingress-template.yaml\tIngress with TLS, rate limiting, CORS\nReferences\nReference\tDescription\nreferences/deployment-spec.md\tDetailed Deployment specification\nreferences/service-spec.md\tService types and networking details" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/wpank/kubernetes-devops", "publisherUrl": "https://clawhub.ai/wpank/kubernetes-devops", "owner": "wpank", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/kubernetes-devops", "downloadUrl": "https://openagent3.xyz/downloads/kubernetes-devops", "agentUrl": "https://openagent3.xyz/skills/kubernetes-devops/agent", "manifestUrl": "https://openagent3.xyz/skills/kubernetes-devops/agent.json", "briefUrl": "https://openagent3.xyz/skills/kubernetes-devops/agent.md" } }