auditing-kubernetes-cluster-rbac
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for security posture assessment. Both the Python implementation in `scripts/agent.py` and the manual workflow in `SKILL.md` focus on querying the Kubernetes API for security-relevant configurations without making modifications to the cluster.
- [COMMAND_EXECUTION]: The workflow involves executing standard security tools such as `rbac-tool`, `KubiScan`, and `Kubeaudit`. These tools are industry standards for cloud security auditing and are used appropriately within the documented workflow.
- [EXTERNAL_DOWNLOADS]: The skill references established security utilities hosted on reputable platforms including GitHub (CyberArk, Shopify) and official package registries (PyPI, Homebrew). These downloads are necessary for the skill's primary function and come from trusted sources.
- [DATA_EXFILTRATION]: Audit results are processed locally and saved to a user-specified JSON file (`k8s_rbac_audit.json`). There are no network requests observed that would exfiltrate cluster data to external unknown domains.
Audit Metadata