Rbac

k8s-security-policies helps teams draft Kubernetes NetworkPolicy, Pod Security Standards labels, and RBAC patterns using repo-backed templates and references for hardening and audit-ready rollout planning.

auth-implementation-patterns is a practical skill for designing and implementing authentication and authorization patterns, including sessions, JWT, OAuth2/OIDC, RBAC, and access control checks for APIs and apps.

agent-governance is a documentation-first skill for designing AI agent guardrails, policy checks, trust rules, tool restrictions, and audit logging for tool-using and multi-agent systems.

organization-best-practices guides Better Auth organization setup for access control, covering server and client plugins, migration, database checks, org creation, invitations, roles, and RBAC-focused usage.

building-role-mining-for-rbac-optimization is a cybersecurity skill for analyzing user-permission data, reducing role explosion, and building cleaner RBAC roles with bottom-up and top-down role mining for Access Control. Use it to compare candidate roles, validate least-privilege outcomes, and turn raw assignments into an actionable role plan.

building-identity-governance-lifecycle-process helps design identity governance and lifecycle management for joiner-mover-leaver automation, access reviews, role-based provisioning, and orphaned account cleanup. It fits cross-system Access Control programs that need practical workflow guidance, not a generic policy draft.

auditing-kubernetes-cluster-rbac helps audit Kubernetes RBAC for overbroad roles, risky bindings, secret access, and privilege escalation paths. It is built for security audit workflows across EKS, GKE, AKS, and self-managed clusters, with practical guidance for kubectl, rbac-tool, KubiScan, and Kubeaudit.

auditing-gcp-iam-permissions helps review Google Cloud IAM access for risky bindings, primitive roles, public access, service account exposure, and cross-project paths. This access-control audit skill is built for evidence-driven reviews with gcloud, Cloud Asset, IAM Recommender, and Policy Analyzer.