kubernetes
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill contains multiple shell scripts and markdown documentation that use the
kubectlCLI. These are standard operations for managing Kubernetes clusters (e.g., getting pods, viewing logs, scaling deployments) and do not pose a risk outside of their intended use for cluster administration. - [DATA_EXFILTRATION] (SAFE): While the skill demonstrates how to view Kubernetes secrets and logs, it does not contain any logic to transmit this data to external or untrusted domains. Commands like
kubectl get secretare intended for local administrative debugging. - [CREDENTIALS_UNSAFE] (SAFE): Several files (SKILL.md, references/manifests.md) contain placeholder secrets and example API keys (e.g.,
sk-secret-key,secret123). These are clearly marked as examples and do not represent actual hardcoded credentials. - [EXTERNAL_DOWNLOADS] (SAFE): SKILL.md mentions
kubectl apply -f https://example.com/manifest.yamlas a syntax example. This is a standard Kubernetes usage pattern and does not point to a malicious source. - [REMOTE_CODE_EXECUTION] (SAFE): The skill includes a Python script (
scripts/health-checker.py) that usessubprocess.runto callkubectl. This is a legitimate way to automate cluster health checks and does not use untrusted input.
Audit Metadata