feat: add configure-helm skill and update configure-route

.claude/skills/configure-helm.md

@@ -0,0 +1 @@
+../../agents/configure-helm.md

.claude/skills/configure-route.md

@@ -0,0 +1 @@
+../../agents/configure-route.md

AGENTS.md

@@ -136,6 +136,17 @@ ip_allowlists:
     refresh_interval: 24h
 ```
 
+## Interactive Skills
+
+Gatekeeper includes AI skills for interactive configuration (see [agents/](agents/)):
+
+- **Configure Route** ([agents/configure-route.md](agents/configure-route.md)) - Configure a single webhook route
+- **Configure Helm** ([agents/configure-helm.md](agents/configure-helm.md)) - Configure a complete Kubernetes deployment
+
+These are user-facing interactive wizards, not coding agent instructions. In Claude Code, invoke with `/configure-route` or `/configure-helm`.
+
+**Maintenance**: When adding features that affect configuration (new verifier types, new route options, new Helm values), update the relevant skill files in `agents/` before committing. The skills should always reflect the current capabilities.
+
 ## File Locations
 
 - Server entry point: cmd/gatekeeperd/main.go

README.md

@@ -19,6 +19,7 @@ A webhook authentication, authorization, and validation proxy for enterprise env
 - [Security Considerations](#security-considerations)
   - [Overview](#security-overview)
   - [Mitigations](#mitigations)
+- [AI-Assisted Configuration](#ai-assisted-configuration)
 - [Alternatives Considered](#alternatives-considered)
 - [Planned Work](#planned-work)
 - [Installation](#installation)
@@ -305,6 +306,60 @@ Relay mode eliminates inbound firewall rules entirely. The relay client initiate
 
 ---
 
+## AI-Assisted Configuration
+
+Gatekeeper includes AI skills for interactive configuration. These skills guide you through setup step-by-step, generating complete configuration files with provider-specific instructions.
+
+### Available Skills
+
+| Skill | Description |
+|-------|-------------|
+| **Configure Route** | Configure a single webhook route - walks through provider selection, delivery mode, verifier setup, and generates both server and relay configs |
+| **Configure Helm** | Configure a complete Kubernetes deployment - wraps multiple routes plus ingress/gateway, TLS, secrets, and relay setup |
+
+### Using the Skills
+
+**With Claude Code** (slash commands):
+```
+/configure-route
+/configure-helm
+```
+
+**With any AI assistant** (paste the skill or ask directly):
+```
+I want to configure a webhook for Slack
+Help me deploy gatekeeper to Kubernetes
+```
+
+The skill definitions in [`agents/`](agents/) can be provided to any AI assistant as context for interactive configuration.
+
+### What the Skills Configure
+
+**Configure Route** supports all verifier types:
+- Slack (HMAC-SHA256 with replay protection)
+- GitHub (HMAC-SHA256)
+- Shopify (HMAC-SHA256 base64)
+- Google Calendar (header token)
+- Microsoft Graph (JSON field token)
+- Generic HMAC (configurable algorithm/encoding)
+- API Key, Query Parameter, Header Query Parameter
+
+**Configure Helm** handles:
+- Multiple webhook routes in a single deployment
+- Ingress (nginx, Traefik) or Gateway API configuration
+- TLS with cert-manager or built-in ACME
+- Secrets management (Helm-managed or external)
+- Redis/Valkey for multi-replica relay coordination
+- gatekeeper-relay deployment for private networks
+
+### Skill Documentation
+
+The skill definitions are in the [`agents/`](agents/) directory:
+- [`agents/configure-route.md`](agents/configure-route.md)
+- [`agents/configure-helm.md`](agents/configure-helm.md)
+
+---
+
 ## Alternatives Considered
 
 ### Convoy

agents/README.md

@@ -0,0 +1,38 @@
+# Gatekeeper Agent Skills
+
+This directory contains AI skills for interactive gatekeeper configuration. These skills work with any AI assistant that can follow structured instructions.
+
+## Available Skills
+
+| Skill | File | Claude Code |
+|-------|------|-------------|
+| Configure Route | [`configure-route.md`](configure-route.md) | `/configure-route` |
+| Configure Helm | [`configure-helm.md`](configure-helm.md) | `/configure-helm` |
+
+## Usage
+
+**With Claude Code**: Invoke skills with slash commands (`/configure-route`, `/configure-helm`)
+
+**With any AI assistant**: Either provide the skill file as context, or simply ask:
+- "I want to configure a webhook for Slack"
+- "Help me deploy gatekeeper to Kubernetes"
+
+## Skill Structure
+
+Each skill file contains:
+
+1. **Usage** - How to invoke the skill
+2. **Instructions** - Step-by-step flow for Claude to follow
+3. **Provider-specific guidance** - Configuration examples and setup instructions
+4. **Generated output** - Templates for the configuration files
+
+## Claude Code Integration
+
+These skills are symlinked from `.claude/skills/` for Claude Code slash command support:
+
+```
+.claude/skills/configure-route.md -> ../../agents/configure-route.md
+.claude/skills/configure-helm.md -> ../../agents/configure-helm.md
+```
+
+The canonical versions live here in `agents/` and are tracked in version control.