📄

YAML Security Rules

20 detection rules for YAML across 9 vulnerability classes.

5 Critical

5 High

7 Medium

3 Low

Scan your YAML code

npx @shoulderdev/cli trust --lang=yaml .

Privilege Escalation Allowed HIGH kubernetes

Dangerous Linux Capabilities Added CRITICAL kubernetes

Host Namespace Access Enabled CRITICAL kubernetes

Missing Capability Restrictions MEDIUM kubernetes

Missing allowPrivilegeEscalation Setting MEDIUM kubernetes

Missing Container Security Context HIGH kubernetes

Privileged Container Detected CRITICAL kubernetes

Container Running as Root User HIGH kubernetes

Ingress Missing TLS Configuration HIGH kubernetes

Insecure TLS Verification Disabled HIGH kubernetes

HostPath Volume Mounted CRITICAL kubernetes

NodePort Service Exposes Application MEDIUM kubernetes

Service Account Token Auto-Mounted LOW kubernetes

Writable Root Filesystem MEDIUM kubernetes

Using Default Namespace LOW kubernetes

Missing Health Probes LOW kubernetes

Missing Network Policy MEDIUM kubernetes

Missing Resource Limits MEDIUM kubernetes

Hardcoded Secrets in Manifest CRITICAL kubernetes

Container Using Latest Tag MEDIUM kubernetes