dependency-analysis

The dependency-analysis skill is a specialized tool for Kubernetes platform engineers and control-plane developers tasked with auditing and verifying complex operator interactions. By systematically scanning controller-runtime source code, this skill extracts critical trigger topology and API interaction sequences—including reads, writes, and complex multi-write call chains. It acts as an automated bridge between raw source code and the Kamera v2 simulation engine, ensuring that all analyzed control-plane behaviors conform to strict architectural contracts.

This skill is intended for developers building, maintaining, or testing custom Kubernetes operators. It is particularly valuable during security audits, reliability reviews, or when preparing controllers for fault-injection testing. Users provide access to the controller repository, and the agent performs deep inspection of entrypoints, reconciler wiring, and API call sites to generate high-fidelity dependency artifacts.

• Automated discovery of controller registration via SetupWithManager, Watches, and Owns patterns.

• Detailed extraction of trigger events, distinguishing between primary, secondary, and manual controller triggers.

• Mapping of API surface interactions (spec, status, metadata) across reconcile helper call chains.

• Identification of crash-vulnerability windows in multi-write sequences, capturing in-memory side effects like channel communication.

• Heuristic-based resource role assignment (user-facing, supporting, or builtin) based on integrated analysis of API docs, examples, and quickstarts.

• The skill requires strict adherence to the project's dependency-graph-contract.md; output is rejected by the validator script if it fails compliance checks.

• Use this for generating inputs for Kamera's offline trace simulation and control-plane verification.

• Always include analysis-notes.md as evidence for all role-assignment decisions, especially when resolving ambiguity via external documentation.

• The tool does not modify code; it is strictly an observational and artifact-generation utility for verification and research purposes.

• Requires local shell access for executing validation scripts against generated artifacts.