skills/jeremylongshore/claude-code-plugins-plus-skills/ideogram-incident-runbook/Gen Agent Trust Hub
ideogram-incident-runbook
Fail
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill contains a command to retrieve and decode a sensitive API key from a Kubernetes secret (
kubectl get secret ideogram-secrets -o jsonpath='{.data.api-key}' | base64 -d), which exposes the secret in plain text within the agent's output session. - [COMMAND_EXECUTION]: The skill facilitates high-privilege administrative actions on production clusters, including creating and applying new secrets (
kubectl create secret ... | kubectl apply), modifying environment variables for running deployments (kubectl set env), and triggering service restarts (kubectl rollout restart). - [COMMAND_EXECUTION]: The skill references and executes an external local script (
./scripts/ideogram-debug-bundle.sh) whose contents and safety cannot be verified within this file.
Recommendations
- AI detected serious security threats
Audit Metadata