T Techclick Kubernetes guard

Pre-deploy manifest review

Kubernetes Manifest Guard

Paste Kubernetes YAML or JSON and get a practical baseline report for Pod Security Standards, RBAC wildcards, host access, exposed services, missing NetworkPolicy, image pinning, and copyable remediation steps.

Manifest score -- Paste a manifest to begin

Manifest input

YAML or JSON, analyzed without cluster access.

Ready

Baseline report

No report yet.

Critical0
High0
Medium0
Low0
Findings will appear here after analysis.

After your scan

Turn manifest findings into DevSecOps practice

Use the report to explain least privilege, RBAC blast radius, NetworkPolicy, and pod hardening in interview or lab language.

What this checks

  • Privileged containers, hostNetwork, hostPID, hostIPC, and risky hostPath mounts
  • runAsNonRoot, seccomp RuntimeDefault, privilege escalation, capabilities, and read-only filesystem posture
  • Wildcard RBAC, cluster-admin bindings, and privilege-escalation verbs
  • Missing NetworkPolicy, missing Pod Security Admission labels, and public Service or Ingress exposure
  • Floating images, missing resources, and basic readiness/liveness probe gaps

Evidence base