diff --git a/psp-host-namespaces/README.md b/psp-host-namespaces/README.md
new file mode 100644
index 00000000..07d25e59
--- /dev/null
+++ b/psp-host-namespaces/README.md
@@ -0,0 +1,7 @@
+## Introduction
+
+`psp-host-namespaces` is a kcl PSP validation package.
+
+## Resource
+
+Code source and document is [here](https://github.com/kcl-lang/artifacthub/tree/main/psp-host-namespaces)
diff --git a/psp-host-namespaces/kcl.mod b/psp-host-namespaces/kcl.mod
new file mode 100644
index 00000000..491c079e
--- /dev/null
+++ b/psp-host-namespaces/kcl.mod
@@ -0,0 +1,5 @@
+[package]
+name = "psp-host-namespaces"
+version = "0.1.0"
+description = "`psp-host-namespaces` is a kcl validation package"
+
diff --git a/psp-host-namespaces/kcl.mod.lock b/psp-host-namespaces/kcl.mod.lock
new file mode 100644
index 00000000..e69de29b
diff --git a/psp-host-namespaces/main.k b/psp-host-namespaces/main.k
new file mode 100644
index 00000000..40ceae4b
--- /dev/null
+++ b/psp-host-namespaces/main.k
@@ -0,0 +1,19 @@
+"""Disallows sharing of host PID and IPC namespaces by pod containers.
+Corresponds to the `hostPID` and `hostIPC` fields in a PodSecurityPolicy.
+For more information, see
+https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces
+"""
+
+# Define the validation function
+validate = lambda item: {str:} {
+ n = ""
+ if item.kind == "Pod":
+ n = item.spec.hostPID or item.spec.hostIPC
+ elif item.kind == "Deployment":
+ n = item.spec.template.spec.hostPID or item.spec.template.spec.hostIPC
+ assert not n, "Sharing the host namespace is not allowed: {}".format(item.metadata.name)
+ # Return the resource
+ item
+}
+# Validate All resource
+items = [validate(i) for i in option("items")]
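Review bot: In the `validate` lambda of main.k only `kind == "Pod"` and `kind == "Deployment"` are inspected, so any other kind that embeds a pod template (StatefulSet, DaemonSet, ReplicaSet, Job, CronJob) leaves `n` at its initial `""` and passes the `assert not n` check without its `hostPID`/`hostIPC` ever being read — a policy bypass for the workload kinds a cluster actually runs most of. The same template path `spec.template.spec` serves the first four of those kinds, and CronJob nests it under `spec.jobTemplate.spec.template.spec`, so the fix is to branch on a kind list rather than a single string; the rewritten lambda below does that. As a point of style, `n` is initialised to a string but then assigned the boolean `hostPID or hostIPC`; a boolean initial value and a descriptive name such as `shares_host_ns` make the intent of the assertion readable. The docstring scopes the policy to PID and IPC, so `hostNetwork` being out of scope is consistent with it, but that choice is worth stating explicitly in the docstring since the linked PSP section groups all host namespaces together.
```kcl
validate = lambda item: {str:} {
    shares_host_ns = False
    if item.kind == "Pod":
        shares_host_ns = item.spec.hostPID or item.spec.hostIPC
    elif item.kind in ["Deployment", "StatefulSet", "DaemonSet", "ReplicaSet", "Job"]:
        shares_host_ns = item.spec.template.spec.hostPID or item.spec.template.spec.hostIPC
    elif item.kind == "CronJob":
        shares_host_ns = item.spec.jobTemplate.spec.template.spec.hostPID or item.spec.jobTemplate.spec.template.spec.hostIPC
    assert not shares_host_ns, "Sharing the host namespace is not allowed: {}".format(item.metadata.name)
    # … unchanged: return the resource …
}
```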