kubernetes-rbac-analyzer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to analyze Kubernetes RBAC configurations, which serves as a vulnerability surface for indirect instructions.
      * Ingestion points: The agent is expected to use the Read tool to ingest YAML or JSON configuration files.
      * Boundary markers: Absent; there are no instructions provided to distinguish data from instructions within the ingested files.
      * Capability inventory: The skill allows the use of Bash, Write, Edit, and Grep tools, which could be leveraged if an injection occurs.
      * Sanitization: Absent; no logic is defined to validate or escape external configuration content.
  • No Code (SAFE): The provided skill definition contains only metadata and no executable code, reducing the direct attack surface.
  • Command Execution (SAFE): Use of the Bash tool is requested but is consistent with the skill's stated purpose of environment analysis.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:15 PM