k8s-manifest-generator
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection risk by interpolating untrusted user data into generated Kubernetes YAML manifests.\n
- Ingestion points: User requirements for workload configuration (e.g., app names, images, ports, and environment variables) are gathered in
resources/implementation-playbook.md.\n - Boundary markers: No explicit delimiters or safety instructions are provided to the agent to prevent the execution of embedded instructions within the user-supplied data.\n
- Capability inventory: The generated manifests (Deployments, ConfigMaps, Secrets) can define executable commands, lifecycle hooks, and sensitive configuration files, providing a substantial attack surface if the input is manipulated.\n
- Sanitization: The implementation playbook and templates do not specify validation or sanitization steps to ensure that user inputs do not inject malicious YAML or script content.
Audit Metadata