k8s-troubleshooter

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes kubectl, ssh, and helm commands for cluster diagnostics. These are legitimate tools for the stated purpose. The Python script scripts/check_namespace.py uses subprocess.run with list-based arguments, which is a recommended security practice to prevent shell injection.
  • [DATA_EXFILTRATION]: The skill accesses cluster status, logs, and events to provide troubleshooting information to the user. No unauthorized network operations or exfiltration to external domains were identified.
  • [PROMPT_INJECTION]: The skill processes data from pod logs and events, creating an attack surface for indirect prompt injection.
    • Ingestion points: pod logs and event messages in scripts/check_namespace.py and SKILL.md.
    • Boundary markers: None present.
    • Capability inventory: full kubectl access, ssh capabilities, and local script execution.
    • Sanitization: No content filtering of cluster data is performed.
  • [SAFE]: Static analysis findings regarding destructive commands (such as rm or dd) in reference files were reviewed and found to be benign, properly documented steps for cleaning up Helm dependencies or performing disk performance testing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 09:02 PM