Cassao29 Claude Secure Plugins
cassao29-claude-secure-plugins is a Claude Code plugin marketplace for the Ship phase that delivers audited security plugins for Docker, Kubernetes, and Terraform hardening.
by cassao29 · github.com/cassao29/claude-secure-plugins
Install security-audited Claude Code plugins that harden Docker, Kubernetes, and Terraform configs with secure defaults and misconfiguration detection.
Add it to Claude Code
Install the plugin in Claude Code. One command, paste-ready.
/plugin install cassao29-claude-secure-plugins@cassao29/claude-secure-pluginsBuilt to be called by your agent
Skillselion is itself an MCP server. Your agent can pull this entry and a paste-ready install config straight from the API - no copy-paste.
Retrieve this entry with skillselion.get_details("plugin:cassao29/claude-secure-plugins") and the paste-ready config with skillselion.get_install_config("plugin:cassao29/claude-secure-plugins").
What it does
cassao29-claude-secure-plugins is a security-first Claude Code marketplace for solo builders and small teams who ship with Docker, Kubernetes, and Terraform and want agents to enforce safer defaults instead of guessing at YAML. It bundles four plugins oriented around configuration validation, secret and credential detection, network policy generation, and health checks on bindings and exposed services. Use it during ship and operate when you are tightening compose files, K8s manifests, or Terraform before a deploy, or when you need repeatable scans for misconfigurations without a separate CI-only toolchain. The catalog emphasizes hardened templates, localhost limits, and pod security context—aligned with indie SaaS and API operators who cannot afford a full-time security engineer. Register the marketplace in Claude Code, then invoke the specific validator or generator plugins for your stack.
Highlights
- Security-first marketplace with four audited Claude Code plugins
- Detect exposed ports, credentials in files, and common Docker Compose misconfigurations
- Generate and validate Kubernetes manifests with NetworkPolicies, PodSecurityContext, and noNewPrivileges patterns
- Terraform and configuration hardening with resource limits and localhost binding checks
- Health and binding scanners aimed at secrets, passwords, and insecure defaults
Why builders use it
Solo builders paste insecure compose and manifest defaults into production because manual security review of every file does not scale.
After registering the marketplace, Claude can run secure-default checks, detect leaked credentials and exposed ports, and suggest hardened Kubernetes and Terraform configurations.
At a glance
- Type - Plugin in Security.
- Adoption - 0 installs, 0 stars, 0 votes.
FAQ
Who is cassao29-claude-secure-plugins for?
It is for Claude Code users deploying with Docker, Kubernetes, or Terraform who want bundled plugins for misconfiguration detection and secure defaults.
When should I use cassao29-claude-secure-plugins?
Use it in the ship and operate phases when reviewing compose files, manifests, secrets handling, and network policies before or after deploy.
How do I add cassao29-claude-secure-plugins to my agent?
Add the cassao29/claude-secure-plugins marketplace to your Claude Code plugin sources, then install the Docker, Kubernetes, Terraform, or scanner plugins you need.
Comments
Share how you use cassao29-claude-secure-plugins, gotchas, or tips for other indie builders.
No comments yet - be the first to share how you use it.