kubernetes-ops

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill documentation hardcodes credentials in its examples, which invites users (and the agent) to copy them into real manifests and command history. Evidence: 'postgres://user:pass@host:5432/db' and 'api-key: secret-key-value' in the Secret resource manifest; '--docker-password=pass' in the kubectl command-line example.
  • [COMMAND_EXECUTION] (HIGH): The skill exposes tools for arbitrary command execution within the target environment. Evidence: 'kubectl exec' and 'kubectl debug' allow running interactive shells and arbitrary binaries inside cluster containers; 'kubectl debug' can additionally attach ephemeral containers to running pods or start a node-level debug pod, which widens the blast radius beyond a single workload.
  • [PROMPT_INJECTION] (HIGH): There is a high risk of indirect prompt injection (Category 8) because untrusted data access is combined with high-privilege write capabilities in the same tool set.
    - Ingestion points: the agent reads untrusted content via 'kubectl logs' and 'kubectl get events'; both return text controlled by whatever runs in the cluster.
    - Boundary markers: no markers or instructions are provided to help the agent distinguish data from instructions.
    - Capability inventory: includes powerful tools such as 'kubectl apply', 'kubectl exec', and 'kubectl edit'.
    - Sanitization: no sanitization or validation of the ingested cluster data is performed.
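The check a maintainer would add for the CREDENTIALS_UNSAFE finding, as an added example that is not code from the audited kubernetes-ops skill: a small linter that rejects manifests or command lines carrying literal credentials, run against a constructed copy of the offending Secret and against a placeholder-only template. The Secret name, field names, and the ${DATABASE_URL}/${API_KEY} variables are assumptions; the kubectl commands in the comments are real kubectl syntax but are not executed here.

```shell
#!/bin/sh
# Added example, not code from the audited kubernetes-ops skill. The two
# manifests are constructed to reproduce the audit's evidence and its fix;
# the Secret name, field names and placeholder variables are hypothetical.

# What the skill documents today: credential material committed inline.
INSECURE_MANIFEST='apiVersion: v1
kind: Secret
metadata:
  name: app-secrets
type: Opaque
stringData:
  database-url: postgres://user:pass@host:5432/db
  api-key: secret-key-value'

# Fixed form: the file that gets checked in carries only placeholders. Real
# values come from the environment (or a secrets manager) at apply time:
#   kubectl create secret generic app-secrets \
#     --from-literal=database-url="$DATABASE_URL" \
#     --from-literal=api-key="$API_KEY" --dry-run=client -o yaml | kubectl apply -f -
# and, for the registry case the audit cites,
#   kubectl create secret docker-registry regcred --docker-username="$REG_USER" \
#     --docker-password="$REG_PASSWORD" --docker-server=registry.example.com
SAFE_TEMPLATE='apiVersion: v1
kind: Secret
metadata:
  name: app-secrets
type: Opaque
stringData:
  database-url: "${DATABASE_URL}"
  api-key: "${API_KEY}"'

# Pre-commit style check over manifests or command lines read from stdin.
# Returns 1 (reject) on any of:
#   - a URL carrying user:password@ where the password is not a ${VAR};
#   - a YAML field named like *key*/*password*/*token*/*secret* whose value
#     is a literal rather than a ${VAR};
#   - a CLI flag such as --docker-password=... set to a literal.
# Returns 0 when nothing matches. Reference fields like secretName or the
# key: entries of a volume items list will trip the second rule; for a
# linter that is the intended fail-safe direction.
scan_for_inline_secrets() {
  if grep -Eiq \
      -e "://[^/:@[:space:]]+:[^@\$[:space:]][^@[:space:]]*@" \
      -e "^[[:space:]]*[A-Za-z0-9_.-]*(key|password|token|secret)[A-Za-z0-9_.-]*:[[:space:]]*[\"']?[^\$\"'[:space:]]" \
      -e "(password|token|key)=[\"']?[^\$\"'[:space:]]"
  then
    return 1
  fi
  return 0
}

# Demonstration (the if-guards keep this safe under set -e).
if printf '%s\n' "$INSECURE_MANIFEST" | scan_for_inline_secrets; then
  echo "insecure manifest: passed (unexpected)"
else
  echo "insecure manifest: rejected"
fi
if printf '%s\n' "$SAFE_TEMPLATE" | scan_for_inline_secrets; then
  echo "template with placeholders: ok"
else
  echo "template with placeholders: rejected (unexpected)"
fi
```

Wire `scan_for_inline_secrets` into a pre-commit hook over `*.yaml` and the skill's own documentation so the examples themselves are linted; a placeholder that survives into the cluster is caught by the application failing to connect, whereas a real password that survives into git is not caught at all.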
Recommendations
  • AI detected serious security threats; the skill should not be installed with its current tool set and documentation.
  • CREDENTIALS_UNSAFE: replace the literal values in the Secret manifest and the '--docker-password=pass' example with placeholders or environment variables, and lint the documentation so literal credentials cannot reappear.
  • COMMAND_EXECUTION: require explicit human confirmation before 'kubectl exec' and 'kubectl debug' run, or withhold those tools unless the task needs them.
  • PROMPT_INJECTION: wrap output from 'kubectl logs' and 'kubectl get events' in boundary markers, strip control characters from it, instruct the agent to treat it as data, and gate 'kubectl apply', 'kubectl exec', and 'kubectl edit' behind confirmation so that text read from the cluster cannot trigger a write.
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:32 PM