chaos-engineering

Fail

Audited by Socket on Mar 5, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

This chaos-engineering skill implements destructive fault-injection capabilities that align with its stated purpose and are not inherently malicious. However, it presents moderate-to-high operational risk if used without strict controls: the manifest incorrectly indicates no authorization requirement, authentication examples expose secrets via CLI, endpoints and trust boundaries are ambiguous, and mandatory safety gates (human approval, scoped RBAC, allowlists, rate-limiting) are absent.

Recommend:
(1) require explicit authorization for destructive experiments (set authorization_required true)
(2) enforce least-privilege tokens and provide RBAC role examples
(3) forbid passing secrets on command line in examples and recommend secret stores
(4) make control-plane endpoints explicit with TLS and auth schemes
(5) require approval gating and allowlists for targets and change windows
(6) redact secrets in logs and webhook payloads

With these mitigations, the feature can be used safely in staging and controlled production experiments.

Confidence: 98%
Audit Metadata
Analyzed At: Mar 5, 2026, 10:48 PM
Package URL: pkg:socket/skills-sh/alphaonedev%2Fopenclaw-graph%2Fchaos-engineering%2F@d4d9f95de844a22b86fa50653eb9d248e848322a