Skills
skills/bagelhole/devops-security-agent-skills/model-serving-kubernetes/Gen Agent Trust Hub

model-serving-kubernetes

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses kubectl and helm commands to manage Kubernetes resources, install the KServe controller, and deploy model serving manifests.
  • [EXTERNAL_DOWNLOADS]: Fetches deployment artifacts from well-known sources, including the KServe Helm repository and official container images from the vLLM project and NVIDIA Container Registry.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is identified.
  • Ingestion points: Model inference endpoints defined in SKILL.md (e.g., the iris and llama-3-8b services) ingest untrusted data from external sources for processing.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded prompts are defined for the inference data payloads.
  • Capability inventory: The skill possesses the capability to modify cluster state and run commands via kubectl and helm as described in SKILL.md.
  • Sanitization: No input validation or sanitization logic is present in the provided Kubernetes manifests or example commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 11:44 PM