Officialv1.0.03 scenarios
Istio
Istio traffic-management and policy guidance for routing, mTLS, and authorization changes.
deploywhisper skill install istio
How to use this skill
1. Install it locally
Use the install command above from any DeployWhisper app checkout that has the installer enabled.
2. Run analysis on matching artifacts
This skill activates when files or content patterns below are detected during analysis.
3. Verify behavior
Published registry data currently includes 3 deterministic scenarios for this skill.
Metadata
Author
DeployWhisper
Version
1.0.0
License
MIT
Scenarios
3
Tags
Triggers
- virtualservice.yaml
- destinationrule.yaml
- authorizationpolicy.yaml
Content patterns
- networking.istio.io
- security.istio.io
Guidance excerpt
Critical risk patterns
- VirtualService host, match, or gateway rewrites can blackhole traffic across multiple services = CRITICAL
- DestinationRule TLS mode mismatches commonly surface as cascading 503 errors = HIGH
- AuthorizationPolicy allow rules with broad principals or namespaces expand lateral access = HIGH
- PeerAuthentication set to `STRICT` before workloads are mesh-ready can trigger downtime = HIGH
Review cues
- Review Istio routing and policy changes together because safe config depends on mesh-wide consistency.
- Prefer deterministic roll-forward or rollback steps over hand-wavy remediation notes.