Skip to content

SamuelLess/carakube

Repository files navigation

CaraKube Logo

CaraKube – Autonomous Kubernetes Security & Remediation

CaraKube Overview

Kubernetes security is overwhelming. Developers are stuck in "YAML hell," which creates critical vulnerabilities where misconfigurations hide in hundreds of files. Existing tools detect problems but require manual fixes that break GitOps workflows. We built CaraKube to autonomously solve this.

What it does: CaraKube continuously monitors your cluster, detects security risks (privilege escalation, missing limits, exposed secrets), and autonomously fixes them. We developed an interactive React Flow dashboard visualizing cluster topology with color-coded health indicators. Click compromised nodes to view vulnerabilities and trigger auto-remediation.

How we built it: We created a custom Python scanner using the Kubernetes API for real-time analysis. When issues are detected, Google Gemini generates context-aware YAML patches. Next, we orchestrated GitHub API integration to create Pull Requests against your infrastructure repository, preserving Flux as the single source of truth.

Our achievement: We built everything from scratch, including the visualization layer, scanner logic, and agent. We achieved detection-to-mergeable-PR in seconds with a modular, extendable architecture, minimal cluster overhead, and production-ready patch accuracy through constrained LLM context.

We transformed Kubernetes security from reactive firefighting into proactive, autonomous protection, empowering teams to maintain secure clusters without drowning in YAML.

Cluster at a glance

Demo 0

Agent-powered PR-creation

Demo 1 Demo 2


Try the live demo

Demo QR Code

Scan the QR code or visit carakube.dev to access the live demo.

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors