kubernetes-operations

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: References the official Helm installation script from the Helm GitHub repository (https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3). This is a reference to a well-known and recognized service.
  • [REMOTE_CODE_EXECUTION]: Includes patterns for downloading and executing remote scripts via shell piping, for the purpose of installing tools from recognized sources.
  • [CREDENTIALS_UNSAFE]: Provides instructions for retrieving and decoding Kubernetes Secrets with the command `kubectl get secret -o jsonpath='{.data.password}' | base64 -d`, enabling the agent to access sensitive credentials.
  • [COMMAND_EXECUTION]: Instructs the agent on using powerful commands such as `kubectl exec` for interactive container access, `kubectl run` for creating ephemeral resources, and `helm install` for deploying software, all of which require significant privileges.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection because the skill processes data from the cluster that could be controlled by an external actor.
    - Ingestion points: Cluster logs and resource definitions retrieved via `kubectl logs`, `kubectl get`, and `kubectl describe` (referenced in SKILL.md and REFERENCE.md).
    - Boundary markers: No specific delimiters or warnings are used to differentiate cluster data from instructions.
    - Capability inventory: Access to Bash (kubectl, helm, kustomize), WebFetch, and file system write operations.
    - Sanitization: The skill does not describe any validation or sanitization steps for data retrieved from the cluster before it is processed in the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 01:09 AM