k8s-debug

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/pod_diagnostics.py uses subprocess.run with shell=True to execute kubectl commands. It interpolates the pod_name and namespace variables directly into the command string without validation. If an attacker can influence the pod name (e.g., by creating a pod with a name containing shell metacharacters like semicolons), they could execute arbitrary commands on the system running the skill.
      • Ingestion points: pod_name and namespace arguments in scripts/pod_diagnostics.py and scripts/network_debug.sh.
      • Boundary markers: None.
      • Capability inventory: subprocess.run (Python), kubectl exec (Shell), kubectl logs.
      • Sanitization: Absent; inputs are interpolated directly into shell commands.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and scripts suggest using the nicolaka/netshoot Docker image for network troubleshooting. This is an established community tool commonly used for Kubernetes diagnostics.
  • [COMMAND_EXECUTION]: The toolkit provides the agent with extensive access to cluster diagnostics via kubectl, including logs and configuration metadata. While essential for debugging, this provides the agent with access to sensitive application data and cluster state, requiring the execution environment to follow the principle of least privilege.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 08:58 AM