k8s-crd-design-review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions attempting to bypass safety filters or override agent behavior.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths, hardcoded credentials, or network operations were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install external packages or download/execute remote scripts.
- [Indirect Prompt Injection] (LOW):
  - Ingestion points: Processes untrusted user-provided CRD YAML manifests or text descriptions (SKILL.md).
  - Boundary markers: None explicitly defined to separate user input from instructions.
  - Capability inventory: Analysis only; the skill has no file-write, command execution, or network capabilities.
  - Sanitization: Not present, but risks are minimal due to lack of side-effect capabilities.
- [Dynamic Execution] (SAFE): No runtime code generation or unsafe deserialization patterns were found.
Audit Metadata