resource-tagging
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The file examples/kubernetes/gatekeeper-constraints.yaml contains instructions to download a Gatekeeper manifest from the open-policy-agent GitHub organization. This organization is not included in the pre-approved trusted sources list.
- REMOTE_CODE_EXECUTION (MEDIUM): The skill suggests using kubectl apply on a remote URL, which allows for the execution of unverified configuration at the cluster level, potentially installing high-privilege controllers or mutating existing resources.
- PROMPT_INJECTION (LOW): (Category 8: Indirect Prompt Injection) Rego policies in examples/kubernetes/gatekeeper-constraints.yaml interpolate untrusted label values directly into error messages without sanitization. If an LLM-based agent processes these error messages for automated remediation, an attacker could craft malicious label values to influence the agent's behavior.
  - Ingestion points: Kubernetes resource labels processed by ConstraintTemplate resources.
  - Boundary markers: Absent; values are directly interpolated into the violation message.
  - Capability inventory: The skill's blueprint (outputs.yaml) references remediation scripts (auto-remediate-tags.py) which imply the agent has write access to the cluster.
  - Sanitization: Absent; label values are reflected exactly as found in metadata.
Audit Metadata