Validates Vertex AI Agent Engine deployments for production readiness across security, monitoring, performance, compliance, and best practices. Generates weighted scores and remediation plans.
How this skill is triggered — by the user, by Claude, or both
Slash command
/jeremy-vertex-validator:validator-expert [project-id][project-id]inheritThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
!`gcloud config get-value project 2>/dev/null || echo 'no active project'`
!gcloud config get-value project 2>/dev/null || echo 'no active project'
!gcloud auth list --filter=status:ACTIVE --format="value(account)" 2>/dev/null || echo 'not authenticated'
Validate production readiness of Vertex AI Agent Engine deployments by executing weighted checks across five categories: security (30 points), monitoring (20 points), performance (25 points), compliance (15 points), and best practices (10 points). This skill produces a 0-100% composite score with pass/fail per check and prioritized remediation recommendations.
gcloud CLI authenticated with roles/aiplatform.viewer, roles/iam.securityReviewer, and roles/monitoring.viewervertexai.Client().agent_engines.get(name)) or REST API (GET https://{LOCATION}-aiplatform.googleapis.com/v1/projects/{PROJECT}/locations/{LOCATION}/reasoningEngines/{ID}) and parse model, scaling, and feature settingsroles/aiplatform.expressUser, not roles/aiplatform.admin)roles/modelarmor.user granted| Error | Cause | Solution |
|---|---|---|
| Insufficient IAM permissions | Viewer roles not granted on target project | Request roles/aiplatform.viewer and roles/iam.securityReviewer from project admin |
| Agent deployment not found | Incorrect agent ID or deployment deleted | Verify agent ID with vertexai.Client().agent_engines.list() or REST GET .../reasoningEngines; confirm deployment region |
| Monitoring API returns no data | API not enabled or agent has zero traffic | Enable Monitoring API; generate synthetic traffic to populate baseline metrics |
| VPC-SC configuration inaccessible | Organization policy restricts VPC-SC reads | Request roles/accesscontextmanager.policyReader at organization level |
| Compliance check inconclusive | Audit logs not enabled or retention too short | Enable Data Access audit logs; set log retention to minimum 365 days |
Scenario 1: Pre-Launch Validation -- Validate a new ADK agent before production launch. Run all five validation categories. Target score: 85%+ overall, with security score at 28/30 minimum. Generate remediation plan for any failing checks.
Scenario 2: Post-Incident Security Audit -- After a permission escalation incident, re-validate security posture. Focus on IAM least-privilege, service account bindings, and VPC-SC perimeter integrity. Compare scores against the last passing validation.
Scenario 3: Quarterly Compliance Review -- Execute compliance and monitoring validation suites for SOC 2 audit preparation. Verify audit logging coverage, data residency compliance, and backup/DR configuration. Export results as evidence artifacts.
Validation checklists (read the relevant one during each validation step):
Official Google Cloud documentation:
5plugins reuse this skill
First indexed Jul 10, 2026
npx claudepluginhub luxdevnet/claude-plus-lux --plugin jeremy-vertex-validatorValidate production readiness of Vertex AI Agent Engine deployments across security, monitoring, performance, compliance, and best practices. Generates weighted scores (0-100%) with actionable remediation plans. Use when asked to validate a deployment, run a production readiness check, audit security posture, or verify compliance for Vertex AI agents. Trigger with "validate deployment", "production readiness", "security audit", "compliance check", "is this agent ready for prod", "check my ADK agent", "review before deploy", or "production readiness check". Make sure to use this skill whenever validating ADK agents for Agent Engine.
Inspect and validate Vertex AI Agent Engine deployments including Code Execution Sandbox, Memory Bank, A2A protocol compliance, and security posture. Generates production readiness scores. Use when asked to inspect, validate, or audit an Agent Engine deployment. Trigger with "inspect agent engine", "validate agent engine deployment", "check agent engine config", "audit agent engine security", "agent engine readiness check", "vertex engine health", or "reasoning engine status".
Measures and improves agent quality through evaluators, monitoring, observability, and cost optimization. Sets up CloudWatch dashboards, X-Ray tracing, CI/CD quality gates, and LLM-as-a-judge evals.