kubernetes-specialist

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): Piped shell execution of remote scripts detected in references/service-mesh.md. This pattern (curl | sh) allows arbitrary code execution from external sources without prior verification. Evidence: curl -L https://istio.io/downloadIstio | sh - and curl ... linkerd.io/install | sh.
  • CREDENTIALS_UNSAFE (HIGH): Reference file references/configuration.md contains hardcoded sensitive patterns in secret templates, including an API key prefix (sk-) and a private key header (-----BEGIN OPENSSH PRIVATE KEY-----).
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs the user to download and apply Kubernetes manifests from non-whitelisted external URLs in references/service-mesh.md (e.g., istio.io and raw.githubusercontent.com/istio/...).
  • COMMAND_EXECUTION (MEDIUM): Multiple reference files provide templates for Kubernetes Jobs and CronJobs that execute shell commands (/bin/sh -c) within containers, which increases the attack surface if inputs are not properly sanitized.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 17, 2026, 06:49 PM