This skill audits Flux CD GitOps repositories by scanning your local files rather than hitting live clusters. It runs Kubernetes schema validation with kubeconform, detects deprecated Flux APIs, classifies your repo pattern (monorepo, multi-tenant, etc.), and checks best practices around RBAC, secrets management, drift detection, and image automation. The security review looks at how you're handling secrets (SOPS, External Secrets), whether you're verifying OCI artifacts with Cosign, and how well tenants are isolated from each other. It produces a prioritized Markdown report with critical findings first. Worth running before you push major changes, or if you inherited a repo and want to know what's lurking in there. It will also nag you to migrate from flux bootstrap to the Flux Operator with FluxInstance.
npx skills add https://github.com/fluxcd/agent-skills --skill gitops-repo-audit
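To make two of the checks above concrete (deprecated Flux APIs and Cosign verification of OCI artifacts), here is an added illustration in Python; it is not the skill's own code. The DEPRECATED table is a partial, assumed list, the function names are hypothetical, and the regex matching assumes two-space YAML indentation.

```python
import re

# Assumption: a partial table of superseded Flux API versions, not the skill's own list.
DEPRECATED = {
    ("kustomize.toolkit.fluxcd.io/v1beta2", "Kustomization"): "kustomize.toolkit.fluxcd.io/v1",
    ("helm.toolkit.fluxcd.io/v2beta2", "HelmRelease"): "helm.toolkit.fluxcd.io/v2",
    ("source.toolkit.fluxcd.io/v1beta2", "GitRepository"): "source.toolkit.fluxcd.io/v1",
}
# Heuristic patterns; they assume two-space YAML indentation.
NAME = re.compile(r"^metadata:\s*\n(?:[ \t]+.*\n)*?[ \t]+name:\s*(\S+)", re.M)
COSIGN = re.compile(r"^  verify:\s*\n(?:    .*\n)*?    provider:\s*cosign\b", re.M)

def field(doc, key):
    # Return a top-level scalar such as apiVersion or kind, or None.
    m = re.search(rf"^{key}:\s*(\S+)", doc, re.M)
    return m.group(1) if m else None

def audit(text):
    """Scan multi-document YAML text; return findings, critical first."""
    findings = []
    for doc in re.split(r"^---\s*$", text, flags=re.M):
        api, kind = field(doc, "apiVersion"), field(doc, "kind")
        if not kind:
            continue
        m = NAME.search(doc)
        name = m.group(1) if m else "?"
        if (api, kind) in DEPRECATED:
            findings.append(("warning", kind, name, f"{api} is deprecated, use {DEPRECATED[(api, kind)]}"))
        # An OCIRepository without spec.verify is pulled without a signature check.
        if kind == "OCIRepository" and not COSIGN.search(doc):
            findings.append(("critical", kind, name, "no spec.verify with provider: cosign"))
    return sorted(findings, key=lambda f: f[0] != "critical")

# Constructed sample manifests (not from any real repository).
SAMPLE = """\
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: apps
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: OCIRepository
metadata:
  name: podinfo
spec:
  url: oci://registry.example.com/podinfo
"""
for finding in audit(SAMPLE):
    print(*finding, sep=" | ")
```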