k8s-image-audit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard Kubernetes (kubectl) and Helm (helm) commands to inspect cluster state, container images, and deployment configurations.
- [DATA_EXFILTRATION]: No network activity or external data transmission patterns were detected. All operations are confined to reading cluster data and local build logs.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API tokens, or private keys were found within the skill file or metadata.
- [REMOTE_CODE_EXECUTION]: No remote script downloads, piped execution, or dynamic code execution patterns were identified.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where the skill processes data from the Kubernetes cluster environment. 1. Ingestion points: Cluster state information retrieved via kubectl and helm outputs. 2. Boundary markers: Absent. 3. Capability inventory: Read-only cluster queries (kubectl, helm) and local log file access. 4. Sanitization: Absent. The risk is low because the skill lacks capabilities to perform file writing or network requests based on the ingested data.
Audit Metadata