skills/jeremylongshore/claude-code-plugins-plus-skills/instantly-incident-runbook/Gen Agent Trust Hub
instantly-incident-runbook
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill explicitly reads and decodes sensitive Kubernetes secrets containing API keys. Evidence:
kubectl get secret instantly-secrets -o jsonpath='{.data.api-key}' | base64 -din SKILL.md. - [COMMAND_EXECUTION]: The skill executes high-privilege commands to modify the production environment, including changing environment variables and restarting services. Evidence:
kubectl set env deployment/instantly-integration ...andkubectl rollout restart deployment/instantly-integrationin SKILL.md. - [COMMAND_EXECUTION]: The skill performs credential modification by creating and applying new Kubernetes secrets. Evidence:
kubectl create secret ... | kubectl apply -f -in SKILL.md. - [COMMAND_EXECUTION]: The skill invokes a local shell script whose contents are not provided for verification. Evidence:
./scripts/instantly-debug-bundle.shin SKILL.md. - [INDIRECT_PROMPT_INJECTION]: The skill ingests potentially untrusted data from service logs and external status pages while having high-privilege cluster access. Ingestion points:
kubectl logsandcurl -s https://status.instantly.com. Capability inventory:kubectlmodification and secret access. Sanitization: No sanitization or boundary markers are present for the ingested data.
Audit Metadata