get_cluster_audit
Evaluate Kubernetes cluster static configuration for compliance with best practices. Returns security, reliability, and efficiency audit findings with remediation steps.
Instructions
Use when the agent's decision is 'is this cluster well-configured / compliant?' — STATIC CONFIG POSTURE, not live operational state. Returns best-practice findings: Security (runAsRoot, privileged containers, dangerous capabilities, hostPath/hostNetwork, secret-in-ConfigMap), Reliability (single replicas, missing PDB, missing TopologySpread, podHARisk, Service/Ingress without matching backends, stuckTerminating, deprecatedAPIVersion), and Efficiency (missing resource requests/limits, orphaned ConfigMaps/Secrets, under/over-utilization). Each finding has remediation guidance. INDEPENDENT of operational health: a healthy pod can have many audit findings (badly configured but working), a crashing pod can have zero (cleanly configured but failing). For 'what's broken right now?' use the issues tool. Respects user's audit settings (ignored namespaces, disabled checks). Filter by namespace, category, or severity. Resources absent from findings should NOT be reported as non-compliant — empty findings for a scope means no violations, not a failed check.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| namespace | No | filter to a specific namespace | |
| category | No | filter by category: Security, Reliability, or Efficiency | |
| severity | No | filter by severity: danger or warning | |
| limit | No | max audit violation findings to return (default 30, max 100). This limits findings only; compliant resources are not returned. |