troubleshooting
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructions include high-privilege operations such as
kubectl exec,kubectl debug, and cluster resource modification (kubectl set resources). While necessary for troubleshooting, these commands grant the agent broad access to the environment. - [EXTERNAL_DOWNLOADS] (LOW): The skill references external container images for debugging purposes, including
nicolaka/netshootandbusybox. Whilegcr.iois a trusted source, the use of community-maintained images likenetshootintroduces a dependency on external, third-party content. - [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection (Category 8).
- Ingestion points: The agent is instructed to read untrusted data via
kubectl logs,kubectl get events, andkubectl describe pod. - Boundary markers: None present in the instructions to help the agent distinguish between log content and system instructions.
- Capability inventory: The agent has access to powerful tools like
kubectl exec,kubectl debug, andkubectl run. - Sanitization: No sanitization or validation of the retrieved log/event data is suggested before the agent processes it.
Audit Metadata