Skill

Container Security

Monitor Kubernetes clusters, ECS clusters, and container workload security using Trend Micro Vision One. This skill provides visibility into container environments, their security posture, and runtime protection status.

npx claudepluginhub trendmicro/vision-one-skills --plugin vision-one-api

Tool Access

This skill uses the workspace's default tool permissions.

Preview

SKILL.md

Similar Skills

android-clean-architecture

171.0k

Implements Clean Architecture in Android and Kotlin Multiplatform projects: module layouts, dependency rules, UseCases, Repositories, domain models, and data layers with Room, SQLDelight, Ktor.

everything-claude-code

plankton-code-quality

171.0k

Enforces code quality on file edits via Plankton hooks: auto-formats, lints, Claude-powered fixes with model tiering, config protection, and legacy package manager blocks.

everything-claude-code

cpp-coding-standards

171.0k

Enforces C++ Core Guidelines for writing, reviewing, and refactoring modern C++ code (C++17+), promoting RAII, immutability, type safety, and idiomatic practices.

everything-claude-code

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitFeb 23, 2026

Actions

View Source View Plugin View on GitHub View README

Container Security

Instructions

When the user asks about container security, Kubernetes, ECS, or containerized workloads, use this skill to query container infrastructure.
List Kubernetes clusters: Start with list_kubernetes_clusters to get an overview of all monitored K8s environments.
Check ECS clusters: Use list_ecs_clusters to review AWS ECS container infrastructure.
Get cluster details: Use cluster-specific detail tools to retrieve comprehensive security and configuration information.
Review namespaces: For Kubernetes, examine namespaces to understand workload organization and security policies.
Assess runtime protection: Verify that container runtime security features are enabled and functioning.
Correlate with vulnerabilities: Cross-reference container findings with CVE data for image vulnerabilities.

Tools

This skill uses the following Vision One MCP tools (all read-only):

Kubernetes Clusters

Tool	Purpose
`container_security_k8_clusters_list`	List monitored Kubernetes clusters
`container_security_k8_cluster_get`	Get detailed K8s cluster information
`container_security_k8_images_list`	List Kubernetes images running across clusters

AWS ECS Clusters

Tool	Purpose
`container_security_ecs_clusters_list`	List monitored AWS ECS clusters

Container Vulnerabilities

Tool	Purpose
`container_security_image_vulnerabilities_list`	List container image vulnerabilities detected in K8s and ECS

Common Workflows

Container Environment Inventory

List all Kubernetes clusters
List all ECS clusters
For each cluster, get detailed configuration
Summarize protection coverage across environments
Identify any unprotected container workloads

Kubernetes Security Assessment

List Kubernetes clusters
Get cluster details for each
List namespaces and workloads
Check runtime protection status
Identify security policy gaps

ECS Security Review

List ECS clusters
Get cluster details
Review task definitions and services
Verify container insights and protection
Document findings and recommendations

Container Compliance Check

Inventory all container clusters
Verify protection agent deployment
Check security policy configurations
Identify non-compliant workloads
Generate compliance report

Container Image Vulnerability Assessment

List container image vulnerabilities across all clusters
Filter by risk level (high/medium/low)
Identify most vulnerable images
List affected clusters and workloads
Prioritize patching by exposure and severity

Container Image Inventory

List all Kubernetes images running in clusters
Identify image sources (registries)
Check image digests for integrity
Correlate with vulnerability data
Document image usage across namespaces

Output Format

Container Environment Summary

## Container Security Overview

### Kubernetes Clusters
| Cluster | Provider | Nodes | Namespaces | Protection |
|---------|----------|-------|------------|------------|
| [Name] | [EKS/AKS/GKE/On-prem] | [count] | [count] | [Enabled/Partial/Disabled] |

### ECS Clusters
| Cluster | Region | Services | Tasks | Protection |
|---------|--------|----------|-------|------------|
| [Name] | [Region] | [count] | [count] | [Enabled/Disabled] |

### Protection Summary
- Total clusters: [count]
- Fully protected: [count]
- Partially protected: [count]
- Unprotected: [count]

Kubernetes Cluster Details

## Kubernetes Cluster: [Name]

**Provider**: [EKS/AKS/GKE/On-prem]
**Version**: [K8s version]
**Nodes**: [count]

### Protection Status
- Runtime protection: [Enabled/Disabled]
- Admission control: [Enabled/Disabled]
- Image scanning: [Enabled/Disabled]

### Namespaces
| Namespace | Pods | Protection Status |
|-----------|------|-------------------|
| [Name] | [count] | [Protected/Unprotected] |

### Security Findings
- Critical: [count]
- High: [count]
- Medium: [count]
- Low: [count]

ECS Cluster Details

## ECS Cluster: [Name]

**Region**: [AWS Region]
**Status**: [Active/Inactive]

### Services
| Service | Tasks | Status |
|---------|-------|--------|
| [Name] | [count] | [Active/Draining] |

### Protection Status
- Container protection: [Enabled/Disabled]
- Image scanning: [Enabled/Disabled]

### Resource Utilization
- CPU reservation: [%]
- Memory reservation: [%]

Security Considerations

This skill provides read-only access to container security data
Cluster names, namespaces, and configurations are sensitive infrastructure details
Container vulnerabilities may expose critical application components
Unprotected containers represent significant security risk
Coordinate with platform teams for protection deployment
Runtime protection gaps should be addressed urgently for production workloads