# Install kube-score with Homebrew, Nix

Kubernetes object analysis recommendations for improved reliability and security. Version 1.20.0 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:kube-score
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install kube-score
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#kube-score
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ku/kube-score/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:kube-score
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/kube-score>
- **Version:** 1.20.0
- **Source summary:** Kubernetes object analysis recommendations for improved reliability and security
- **Homepage:** <https://kube-score.com>
- **Repository:** <https://github.com/zegl/kube-score>
- **Upstream docs:** <https://github.com/zegl/kube-score#readme>
- **License:** MIT
- **Source archive:** <https://github.com/zegl/kube-score.git>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- kube-score (cli)
- kube-score (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.20.0
- Local data: ok
- Upstream repository: https://github.com/zegl/kube-score
- info: No package-manager update timestamp was available.
- info: No cached GitHub release or tag data was available.
## Project history and usage

kube-score is a Kubernetes manifest analysis CLI that scores object definitions and recommends reliability and security improvements. It is aimed at the pre-deployment stage, where YAML, Helm output, or Kustomize output can still be changed cheaply.

### Project history

The kube-score repository was created on 2018-09-16, and its first beta release, v0.1.0-beta1, was published on 2018-09-26. The README presents it as static code analysis for Kubernetes object definitions, with checks for resources, network policy coverage, pod disruption budgets, probes, security contexts, and stable APIs.

Unlike cluster-side policy systems, kube-score kept a developer-tool shape: a single CLI that reads manifests, prints human or machine-readable findings, and exits with a CI-friendly status code.

### Adoption history

The project documents several distribution paths: GitHub release binaries for macOS, Linux, and Windows, a Docker image, Homebrew, and Krew as the kubectl score plugin. Its website also hosts an online demo backed by the kube-score/web repository, giving users a low-friction way to try the checks without installing the CLI.

### How it is used

Typical usage pipes rendered Kubernetes resources into kube-score, for example from helm template or kustomize build. The tool can also read static YAML files or resources exported from a live cluster, then produce recommendations in human, JSON, CI, or SARIF-oriented formats.

Annotations such as kube-score/ignore and kube-score/enable let users suppress or opt into checks on individual objects, which keeps the linter usable in repositories where not every workload has the same operational constraints.

### Why package nerds care

kube-score matters in package-manager culture because it is a small, composable quality gate for Kubernetes manifests. It turns a broad operational checklist into a command that can live in a Makefile, pre-commit hook, GitHub Action, or CI job.

It also illustrates a common Kubernetes packaging pattern: one Go binary, release artifacts for multiple platforms, a Docker image for containerized CI, Homebrew for local developer machines, and Krew for kubectl-plugin users.

### Timeline

- 2018-09-16: GitHub repository created.
- 2018-09-26: First GitHub release, v0.1.0-beta1, published.
- 2018-10-08: v0.1.0 published.
- 2025-04-28: GitHub release v1.20.0 published.

### Related projects

- Helm and Kustomize are common input producers for kube-score.
- Krew distributes kube-score as a kubectl plugin named score.
- kube-score/web provides the browser demo linked from the README.
- KubeLinter occupies a related manifest-linting space with a stronger production-readiness and security-check branding.

### Sources

- <https://api.github.com/repos/zegl/kube-score>
- <https://api.github.com/repos/zegl/kube-score/releases>
- <https://formulae.brew.sh/formula/kube-score>
- <https://github.com/kube-score/web>
- <https://github.com/zegl/kube-score>
- <https://kube-score.com/>


## Security Notes

infrastructure mutation or orchestration signal.

- **Geiger risk:** orange / medium
- infrastructure mutation or orchestration signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** kube-score
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - kube-score: normalized package name match | nixpkgs package indexes: pkgs/by-name/ku/kube-score/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Cloud CLI packages](https://www.automicvault.com/pkg/cloud-clis/) - Belongs to a cloud or infrastructure command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Text processing packages](https://www.automicvault.com/pkg/text-processing-tools/) - Matched text, document, or structured-data processing metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [kube-linter](https://www.automicvault.com/pkg/brew/kube-linter/) - Shares av.db curated category or tags: cli, developer-tools, helm, kubernetes, static-analysis.
- [chart-releaser](https://www.automicvault.com/pkg/brew/chart-releaser/) - Shares av.db curated category or tags: cli, developer-tools, helm, kubernetes.
- [chart-testing](https://www.automicvault.com/pkg/brew/chart-testing/) - Shares av.db curated category or tags: cli, developer-tools, helm, kubernetes.
- [datadog-static-analyzer](https://www.automicvault.com/pkg/brew/datadog-static-analyzer/) - Shares av.db curated category or tags: cli, developer-tools, security, static-analysis.
- [kubent](https://www.automicvault.com/pkg/brew/kubent/) - Shares av.db curated category or tags: cli, developer-tools, helm, kubernetes.
- [kubergrunt](https://www.automicvault.com/pkg/brew/kubergrunt/) - Shares av.db curated category or tags: cli, developer-tools, helm, kubernetes.
- [semgrep](https://www.automicvault.com/pkg/brew/semgrep/) - Shares av.db curated category or tags: cli, developer-tools, security, static-analysis.
- [spoa](https://www.automicvault.com/pkg/brew/spoa/) - Shares av.db curated category or tags: cli, developer-tools, security, static-analysis.

## Combined YAML source

View the package source record on GitHub. [combined/kube-score.yml](https://github.com/automic-vault/db/blob/main/combined/kube-score.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
