k8s-debug

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The script scripts/network_debug.sh reads the Kubernetes service account token at /var/run/secrets/kubernetes.io/serviceaccount/token from within a target pod. It is used exclusively for an internal API connectivity probe that verifies whether the pod's service account can reach the Kubernetes API server. The token is handled locally and is not transmitted outside the cluster environment.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes potentially untrusted data by reading container logs and cluster event messages, which could contain instructions intended to influence the agent's behavior.
    • Ingestion points: Container logs (stdout/stderr) and event messages are retrieved via scripts/pod_diagnostics.py and scripts/cluster_health.sh using kubectl logs and kubectl get events.
    • Boundary markers: Diagnostic output from logs is presented to the agent without specific delimiters or defensive instructions to ignore embedded commands.
    • Capability inventory: The skill has the capability to execute shell commands and modify cluster state through the kubectl CLI.
    • Sanitization: No filtering or sanitization is applied to the retrieved log content or event descriptions before they are processed by the agent.
  • [COMMAND_EXECUTION]: The skill executes a wide range of kubectl commands, including potentially disruptive operations such as delete pod, drain node, and rollout restart. These are legitimate administrative actions required for Kubernetes troubleshooting. The skill documentation includes explicit safety rules requiring human confirmation and state snapshots before executing disruptive commands.
  • [DYNAMIC_EXECUTION]: Shell scripts within the skill use bash -c to execute piped command strings for filtering and processing diagnostic data (e.g., sorting events or tailing logs). These execution patterns are limited to local data processing using predefined templates and do not involve the execution of remote or untrusted code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 06:18 PM