mirrord-operator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill instructs the agent to perform high-privilege operations on a Kubernetes cluster, including namespace creation (kubectl create namespace), operator installation (helm install), and RBAC modification (ClusterRole creation). Improper handling of these commands poses a significant risk to cluster integrity.
  • PROMPT_INJECTION (HIGH): Indirect Prompt Injection Surface (Category 8).
      • Ingestion points: The skill processes untrusted user input for license keys, target pod names, and Helm configuration values.
      • Boundary markers: Absent. There are no delimiters or instructions to ignore malicious content embedded within user-provided strings.
      • Capability inventory: The skill possesses extensive capabilities via kubectl and helm to modify cluster state, install packages, and view logs.
      • Sanitization: Absent. There is no evidence of validation or escaping for user-supplied arguments before they are passed to shell commands.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill downloads and installs Helm charts from an external repository (https://metalbear-co.github.io/charts). This source is not included in the pre-defined trusted organizations list, so the dependency cannot be verified as safe.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 10:57 AM