kargo-skill
Fail
Audited by Socket on Feb 15, 2026
1 alert found:
Malware (HIGH)
SKILL.md
This SKILL.md documentation describes legitimate installation and operational steps for Kargo. It does not contain embedded malware or obfuscated code. The primary security concerns are operational: (1) the quickstart curl | sh pattern executes remote code locally and should be audited before use, and (2) examples show storing and transmitting long-lived credentials (K8s Secrets, AWS/GCP keys, PATs) which are necessary for integrations but must be secured, rotated, and scoped appropriately. No direct evidence of malicious behavior was found in the provided file itself.
Confidence: 80%
Severity: 25%