rancher-deployment-management
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability.
- Ingestion points: The skill retrieves and processes Kubernetes Deployment specifications, revision histories, and event logs from external clusters.
- Boundary markers: The prompts do not include delimiters or specific instructions to ignore instructions embedded within the fetched Kubernetes resource data.
- Capability inventory: The skill uses kubernetes_diff, kubernetes_watch, and kubernetes_rollout_history to perform its tasks.
- Sanitization: No sanitization or validation of the retrieved cluster data is performed before the agent processes the content.
- [COMMAND_EXECUTION]: Interacts directly with cluster infrastructure.
- Uses specialized tools to perform administrative actions such as monitoring rollouts and comparing configurations across different environments (e.g., staging vs. production). This involves accessing potentially sensitive infrastructure metadata, including environment variables and image versioning.
Audit Metadata