Skyflo
Self-Hosted AI Agent for Kubernetes & DevOps. Approval-Gated. Deterministic Control Loop.
Infrastructure automation tools fall into two categories.
CLI assistants translate prompts into shell commands. Autonomous agents execute infrastructure changes without explicit approval.
Neither model guarantees a deterministic execution process or a complete audit trail.
Skyflo is a self-hosted AI agent for Kubernetes and CI/CD systems. It runs inside your cluster and executes infrastructure operations through a deterministic control loop:
Plan → Approve → Execute → Verify
Every mutating tool call is approval-gated, typed, and auditable.
Skyflo is not a CLI wrapper, not an autonomous mutation bot, and not a GitOps control plane.
It is an in-cluster AI control layer that enforces safe infrastructure changes before anything reaches production.
Quick Start
Install Skyflo inside your Kubernetes cluster.
Using Helm:
```bash
helm repo add skyflo https://charts.skyflo.ai
helm repo update skyflo
```
Create a values.yaml file:
```yaml
engine:
  secrets:
    llmModel: "gemini/gemini-2.5-pro"
    geminiApiKey: "AI-..."
```
See `helm show values skyflo/skyflo` for the full list of configurable values.
```bash
helm install skyflo skyflo/skyflo -n skyflo --create-namespace -f values.yaml
```
Using curl:
Get started quickly with the interactive installer.
```bash
curl -fsSL https://skyflo.ai/install.sh | bash
```
Bring your own LLM (OpenAI, Anthropic, Gemini, Groq, self-hosted). See the quick start guide.
Execution Model
Skyflo enforces a strict loop for every infrastructure change:
- Plan: generate a concrete, replayable plan
- Approve: explicit approval for every mutating tool call
- Execute: run typed tools via MCP (Kubernetes, Helm, Argo Rollouts, Jenkins)
- Verify: validate cluster state against declared intent
- Persist: store tool-level audit history
No blind kubectl apply. No silent automation. No untracked changes.
Safety Properties
- Approval gate for every mutating tool call, enforced by the engine
- Typed tool execution with schema-validated inputs
- Persisted audit trail with tool results
- Replayable control loop (plan → approve → execute → verify)
- Runs inside your cluster. No Skyflo telemetry or phone-home
- LLM-agnostic via LiteLLM. No vendor lock-in
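The loop and safety properties above, sketched as an added example (this is not Skyflo's code): a hypothetical engine that validates arguments against a tool schema, asks an approver before any mutating call, and logs every call. `Tool`, `Engine`, `TOOLS`, `CLUSTER` and `apply_and_verify` are names assumed for illustration, and the in-memory dict stands in for a cluster.

```python
import json
from dataclasses import dataclass, field
from typing import Callable

@dataclass(frozen=True)
class Tool:                      # hypothetical typed tool definition
    mutating: bool
    schema: dict                 # argument name -> required type
    run: Callable[..., dict]

@dataclass
class Engine:                    # hypothetical engine, not Skyflo's implementation
    tools: dict
    approver: Callable[[str, dict], bool]  # a human decision, never the model's
    audit: list = field(default_factory=list)

    def call(self, name: str, args: dict) -> dict:
        tool = self.tools.get(name)
        if tool is None:
            return self._record(name, args, "rejected", "unknown tool")
        # Typed execution: exact key set and exact types, nothing extra.
        if set(args) != set(tool.schema) or any(
                type(args[k]) is not t for k, t in tool.schema.items()):
            return self._record(name, args, "rejected", "schema violation")
        # The gate sits in the engine, so a planner cannot route around it.
        if tool.mutating and not self.approver(name, args):
            return self._record(name, args, "denied", "approval refused")
        return self._record(name, args, "executed", tool.run(**args))

    def _record(self, name, args, status, detail) -> dict:
        entry = {"tool": name, "args": args, "status": status, "detail": detail}
        self.audit.append(json.dumps(entry, sort_keys=True))  # one line per call
        return entry

CLUSTER = {"web": 2}  # constructed in-memory stand-in for the Kubernetes API
def _scale(name: str, replicas: int) -> dict:
    CLUSTER[name] = replicas
    return {"replicas": replicas}

TOOLS = {
    "scale": Tool(True, {"name": str, "replicas": int}, _scale),
    "get": Tool(False, {"name": str}, lambda name: {"replicas": CLUSTER.get(name)}),
}

def apply_and_verify(engine: Engine, name: str, replicas: int) -> bool:
    """Execute one approved step, then verify state against declared intent."""
    step = engine.call("scale", {"name": name, "replicas": replicas})
    seen = engine.call("get", {"name": name})
    return step["status"] == "executed" and seen["detail"]["replicas"] == replicas
```

Denied and schema-rejected calls are logged as well as executed ones, so the audit list records attempts, not only changes.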
Supported Tools
| Tool              | Capabilities                                                                     |
| ----------------- | -------------------------------------------------------------------------------- |
| Kubernetes        | discovery, get/describe, logs/exec, diff-first apply, rollout history, rollbacks |
| Helm              | template, install/upgrade/rollback, dry-run, diff-first safety                   |
| Argo Rollouts     | status, pause/resume, promote/cancel, progressive delivery control               |
| Jenkins           | jobs/builds/logs, parameters, SCM context, build control                         |

All mutating tool calls require explicit approval.
Demo
<p align="center"> <img src="assets/demo.gif" alt="Skyflo Demo" width="100%"/> </p>

Deterministic plans. Explicit approval. Verified execution.
Comparison
| Capability                    | CLI Assistants | Autonomous Agents | GitOps Platforms |     Skyflo |
| ----------------------------- | -------------: | ----------------: | ---------------: | ---------: |
| Natural language ops          |            Yes |               Yes |          Limited |        Yes |
| Mandatory mutation approval   |       Optional |                No |         PR-based |        Yes |
| Deterministic control loop    |             No |                No |          Partial |        Yes |
| Kubernetes + CI unified       |             No |           Partial |               No |        Yes |
| In-cluster deployment         |        Partial |           Partial |           Varies |        Yes |
| Team RBAC + audit             |             No |           Limited |              Yes |        Yes |
| Real-time execution streaming |             No |                No |               No |        Yes |

System Architecture
| Component                | Description                                                                  |
| ------------------------ | ---------------------------------------------------------------------------- |
| Engine                   | LangGraph workflow: planner, approval gate, verifier, persistence, auth/RBAC |
| MCP Server               | Typed tools for Kubernetes, Helm, Argo Rollouts, Jenkins                     |
| Command Center           | Next.js UI with real-time streaming, approvals, team admin                   |

Details: Architecture
Contributing
Apache 2.0 OSS. High-signal contributions welcome. See CONTRIBUTING.md.
License
Apache 2.0. See LICENSE.
