holmesgpt-skill
Audited by Socket on Feb 15, 2026
1 alert found:
Malware
This skill's documentation and configuration are functionally coherent with the stated purpose (cloud-native troubleshooting) but contain a few supply-chain and data-exposure risks. The explicit Docker example that mounts ~/.kube/config, together with a non-obvious private registry image (us-central1-docker.pkg.dev/genuine-flight-317411/devel/holmes), is the principal red flag: it encourages exposing cluster credentials to code from a registry that does not match the project branding. The /run interactive feature (which executes arbitrary commands and sends their output to the AI) increases the potential for accidental or malicious exfiltration of sensitive data.
If you plan to use this skill, do not run unverified images, avoid mounting kubeconfig into third-party containers, restrict the /run capability or audit its output, and verify network endpoints to ensure model and telemetry calls go to official provider domains. Overall: functionally appropriate, but with notable supply-chain and credential-exposure concerns that warrant caution.