k8s-orchestrator
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [General Security] (SAFE): This skill is entirely text-based and contains no executable scripts (Python, JavaScript, Shell, etc.). It functions as a set of prompt instructions and examples for an AI agent.- [Data Exposure] (SAFE): The skill does not attempt to access local files, credentials, or environment variables. It specifically instructs the agent to use Kubernetes Secrets for sensitive information instead of plaintext environment variables, which is a security best practice.- [Indirect Prompt Injection] (LOW): While the skill ingests user input to generate YAML manifests (a common surface for indirect injection), the skill itself has no tool capabilities or command execution functions to be exploited. Evidence: Ingestion point (SKILL.md examples), Boundary markers (None), Capability inventory (None), Sanitization (None).
Audit Metadata