skills/jeremylongshore/claude-code-plugins-plus-skills/coderabbit-incident-runbook/Gen Agent Trust Hub
coderabbit-incident-runbook
Fail
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill contains explicit instructions to retrieve and decode sensitive API keys from Kubernetes secrets using `kubectl get secret coderabbit-secrets -o jsonpath='{.data.api-key}' | base64 -d`. This causes high-privilege credentials to be displayed in the agent's cleartext output.
- [COMMAND_EXECUTION]: The skill defines broad permissions for `Bash(kubectl:*)` and `Bash(curl:*)`, allowing the agent to perform administrative infrastructure changes such as restarting deployments (`kubectl rollout restart`) and modifying environment variables (`kubectl set env`).
- [DATA_EXFILTRATION]: The skill's 'Evidence Collection' phase involves bundling logs and metrics into files (`incident-logs.txt`, `metrics.json`) and running a local script `./scripts/coderabbit-debug-bundle.sh`. While intended for debugging, these mechanisms can be used to aggregate and potentially move sensitive environment data.
- [REMOTE_CODE_EXECUTION]: The skill executes a local script `./scripts/coderabbit-debug-bundle.sh`. As the content of this script is not provided in the skill definition, its behavior cannot be fully verified, presenting a risk if the script performs unsafe operations.
Recommendations
- AI detected serious security threats
Audit Metadata