postgre-skill

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill mandates hostNetwork: true in the generated Kubernetes StatefulSet manifest. The PostgreSQL pod then shares the node's network namespace: it binds directly to host interfaces and ports, can reach node-local services that are normally unreachable from a pod, sits outside the NetworkPolicy isolation most CNIs enforce, and, with the right capabilities, can observe traffic on the node's interfaces. A compromised database process or a malicious image therefore turns a pod-level compromise into a foothold on the node.
  • [CREDENTIALS_UNSAFE]: scripts/generate.py generates a random password and then writes it in plain text as a comment (# Note: Raw password for reference: {password}) inside the generated Secret manifest. Base64-encoding the value in the data field gives no protection when the same file carries the plaintext: anyone who can read the YAML, the CI logs that echo it, or the repository it is committed to obtains the database password.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because the manifest generator performs no input validation.
    • Ingestion points: the storage and image parameters passed to scripts/generate.py as command-line arguments.
    • Boundary markers: none in the Python script or the prompt instructions separate user-supplied values from the YAML structure.
    • Capability inventory: the skill emits manifests intended to be applied to a Kubernetes cluster, so a corrupted manifest is a direct path to infrastructure manipulation.
    • Sanitization: the storage_size and image variables are interpolated into the YAML template without escaping or validation. A value containing a newline or YAML syntax can add or override keys in the generated manifest (manifest injection).
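The interpolation flaw and its fix, as an added example that is not the skill's own scripts/generate.py (the audit summarizes that script but does not reproduce it). The vulnerable template is an assumed reconstruction of the pattern described above; the allowlist regular expressions are deliberately conservative assumptions (no registry port, lowercase repository path) rather than the full OCI reference grammar. The hardened generator also addresses the other two findings: it omits hostNetwork and emits the password only inside the Secret's data field.

```python
"""Manifest injection via string templating, beside a hardened generator.
Illustrative reconstruction; not the audited scripts/generate.py."""
import base64
import json
import re
import secrets
import string

# Assumed shape of the vulnerable generator: CLI arguments are spliced into
# a YAML text template, and hostNetwork is hard-coded on.
VULNERABLE_TEMPLATE = """apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
spec:
  template:
    spec:
      hostNetwork: true
      containers:
      - name: postgres
        image: {image}
  volumeClaimTemplates:
  - spec:
      resources:
        requests:
          storage: {storage_size}
"""


def render_vulnerable(image: str, storage_size: str) -> str:
    """Text interpolation: a newline in either value becomes new YAML keys."""
    return VULNERABLE_TEMPLATE.format(image=image, storage_size=storage_size)


# Constructed payload: an "image" argument whose embedded newlines add a
# sibling key to the container spec (indented to match `image:` above).
INJECTED_IMAGE = "postgres:16\n        securityContext:\n          privileged: true"

# Conservative allowlists (assumption: no registry port, lowercase repo path).
QUANTITY_RE = re.compile(r"^[0-9]+(?:\.[0-9]+)?(?:Ki|Mi|Gi|Ti|Pi|Ei|k|M|G|T|P|E|m)?$")
IMAGE_RE = re.compile(
    r"^[a-z0-9][a-z0-9._/-]{0,254}"             # registry/namespace/repo
    r"(?::[A-Za-z0-9_][A-Za-z0-9_.-]{0,127})?"  # optional :tag
    r"(?:@sha256:[a-f0-9]{64})?$"               # optional @digest
)


def validate_quantity(value: str) -> str:
    if not QUANTITY_RE.fullmatch(value):
        raise ValueError(f"invalid storage quantity: {value!r}")
    return value


def validate_image(value: str) -> str:
    if not IMAGE_RE.fullmatch(value):
        raise ValueError(f"invalid image reference: {value!r}")
    return value


def generate_password(length: int = 32) -> str:
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def build_manifests(image: str, storage_size: str, password: str) -> list:
    """Build manifests as data, not text, so values cannot alter structure."""
    image, storage_size = validate_image(image), validate_quantity(storage_size)
    secret = {
        "apiVersion": "v1", "kind": "Secret", "type": "Opaque",
        "metadata": {"name": "postgres-credentials"},
        # base64 is encoding, not protection; the point is that no plaintext
        # copy (no "raw password" comment) is written anywhere else.
        "data": {"POSTGRES_PASSWORD": base64.b64encode(password.encode()).decode()},
    }
    env = [{"name": "POSTGRES_PASSWORD", "valueFrom": {"secretKeyRef": {
        "name": "postgres-credentials", "key": "POSTGRES_PASSWORD"}}}]
    statefulset = {
        "apiVersion": "apps/v1", "kind": "StatefulSet",
        "metadata": {"name": "postgres"},
        "spec": {
            "serviceName": "postgres",
            "selector": {"matchLabels": {"app": "postgres"}},
            "template": {
                "metadata": {"labels": {"app": "postgres"}},
                # No hostNetwork: the pod keeps its own network namespace.
                "spec": {"containers": [{"name": "postgres", "image": image,
                                         "ports": [{"containerPort": 5432}],
                                         "env": env}]},
            },
            "volumeClaimTemplates": [{"metadata": {"name": "data"}, "spec": {
                "accessModes": ["ReadWriteOnce"],
                "resources": {"requests": {"storage": storage_size}}}}],
        },
    }
    return [secret, statefulset]


def render_hardened(image: str, storage_size: str, password: str) -> str:
    """JSON is valid YAML; `kubectl apply -f` accepts a v1 List of items."""
    items = build_manifests(image, storage_size, password)
    return json.dumps({"apiVersion": "v1", "kind": "List", "items": items}, indent=2)


if __name__ == "__main__":
    print(render_vulnerable(INJECTED_IMAGE, "10Gi"))   # "privileged: true" appears
    print(render_hardened("postgres:16", "10Gi", generate_password()))
```

Running the block prints the vulnerable output first: the injected `securityContext` lands inside the container spec as valid YAML, which is exactly what "manifest injection" means here. The hardened path rejects the same value at validate_image, and because the manifest is built as a dictionary and serialized, even a value that slipped past the allowlist would be emitted as a quoted string rather than as structure.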
Recommendations
  • Remove hostNetwork: true from the StatefulSet template and expose PostgreSQL through a Service on the container port instead of binding to the node's interfaces.
  • Drop the # Note: Raw password for reference comment; the password belongs only in the Secret's data field, where it can be retrieved with kubectl get secret when needed.
  • Validate storage_size against the Kubernetes quantity format and image against an allowlisted image-reference pattern before use, and build the manifest as a data structure that is serialized rather than by string interpolation into a YAML template.
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 15, 2026, 06:13 AM