k8s-platform-tenancy
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: An indirect prompt injection surface is identified where user-provided data is interpolated into Kubernetes YAML templates.
  - Ingestion points: `SKILL.md` defines templates for Namespaces and ResourceQuotas that use variables such as `${TENANT_NAME}`, `${ENV}`, and `${OWNER_EMAIL}`.
  - Boundary markers: No specific delimiters or boundary markers are suggested to prevent malicious input from escaping the intended YAML structure.
  - Capability inventory: The skill utilizes high-impact capabilities through `mcp__flux-operator-mcp__apply_kubernetes_manifest` to modify the cluster configuration.
  - Sanitization: The instructions do not specify validation or sanitization requirements for the inputs used to populate the resource templates.
Audit Metadata