skills/mukul975/anthropic-cybersecurity-skills/auditing-kubernetes-rbac-permissions/Gen Agent Trust Hub
auditing-kubernetes-rbac-permissions
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs 'kubiscan' via pip and 'rbac-tool' via kubectl krew. Both are widely recognized open-source security tools maintained by reputable organizations (CyberArk and Alcide/Rapid7).
- [COMMAND_EXECUTION]: The skill executes 'kubectl' commands through shell instructions and Python subprocess calls to gather RBAC data from the cluster. These operations are restricted to read-only metadata retrieval necessary for auditing.
- [REMOTE_CODE_EXECUTION]: No patterns of remote code execution or execution of untrusted scripts were found. The tool logic is contained within local Python scripts and standard binaries.
- [DATA_EXFILTRATION]: Audit results are saved to local JSON files (e.g., 'rbac_audit_report.json'). There are no network operations observed that would transmit sensitive cluster configuration to external servers.
- [CREDENTIALS_UNSAFE]: The scripts use standard Kubernetes configuration loading mechanisms (kubeconfig or in-cluster service account tokens) and do not contain hardcoded credentials or secrets.
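The findings above describe a skill that pulls RBAC objects with read-only `kubectl get` calls, evaluates them locally, and writes a JSON report. The following is an added example of that pattern, not the audited skill's own code and not KubiScan or rbac-tool: a Python script that audits Role/ClusterRole rules and their bindings for the escalation paths a reviewer looks for (wildcard grants, secret reads, pods/exec, bind/escalate/impersonate, and cluster-wide grants to system:authenticated). The `fetch_rbac` helper, the severity labels and the sample objects are this example's own assumptions; the sample dump is constructed to mirror the shape of `kubectl get -o json` output so the audit runs offline.

```python
"""Offline Kubernetes RBAC risk audit over `kubectl get ... -o json` output.

Added example, not the audited skill's code. The only cluster access is the
read-only `kubectl get` in fetch_rbac(); audit() works on a dump you already have.
"""
import json
import subprocess

EXEC_SUBRESOURCES = {"pods/exec", "pods/attach", "pods/portforward"}
ANONYMOUS_GROUPS = {"system:authenticated", "system:unauthenticated"}


def fetch_rbac(kubectl="kubectl"):
    """Read-only collection: one `kubectl get -o json`; returns the items list (hypothetical helper)."""
    proc = subprocess.run(
        [kubectl, "get", "clusterroles,clusterrolebindings,roles,rolebindings",
         "--all-namespaces", "-o", "json"],
        check=True, capture_output=True, text=True)
    return json.loads(proc.stdout)["items"]


def _covers(resources, wanted):
    """A rule on '*' matches any resource; otherwise require an explicit match."""
    return "*" in resources or bool(resources & wanted)


def rule_risks(rule):
    """(severity, reason) pairs for one PolicyRule; wildcard-on-everything subsumes the rest."""
    verbs = set(rule.get("verbs", []))
    resources = set(rule.get("resources", []))
    if "*" in verbs and "*" in resources:
        return [("CRITICAL", "wildcard verbs on all resources")]
    risks = []
    if _covers(resources, {"secrets"}) and verbs & {"*", "get", "list", "watch"}:
        risks.append(("HIGH", "can read secrets"))
    if _covers(resources, EXEC_SUBRESOURCES) and verbs & {"*", "create"}:
        risks.append(("HIGH", "can exec/attach/port-forward into pods"))
    if _covers(resources, {"roles", "clusterroles"}) and verbs & {"*", "escalate", "bind"}:
        risks.append(("HIGH", "can escalate or bind roles"))
    if _covers(resources, {"users", "groups", "serviceaccounts"}) and verbs & {"*", "impersonate"}:
        risks.append(("HIGH", "can impersonate users, groups or serviceaccounts"))
    return risks


def audit(items):
    """Join risky rules to the subjects bound to them; returns a list of finding dicts."""
    roles, bindings = {}, []
    for obj in items:
        kind, meta = obj["kind"], obj["metadata"]
        if kind in ("ClusterRole", "Role"):
            roles[(kind, meta.get("namespace", ""), meta["name"])] = obj.get("rules", [])
        elif kind in ("ClusterRoleBinding", "RoleBinding"):
            bindings.append(obj)

    findings = []
    for b in bindings:
        ref, meta = b["roleRef"], b["metadata"]
        ns = "" if ref["kind"] == "ClusterRole" else meta.get("namespace", "")
        rules = roles.get((ref["kind"], ns, ref["name"]))
        if rules is None:  # dangling roleRef: grants nothing, so nothing to report
            continue
        cluster_wide = b["kind"] == "ClusterRoleBinding"
        scope = "cluster" if cluster_wide else meta.get("namespace", "")
        for subj in b.get("subjects", []):
            subject = subj["kind"] + ":" + (subj["namespace"] + "/" if "namespace" in subj else "") + subj["name"]
            for rule in rules:
                for severity, reason in rule_risks(rule):
                    # Any risky grant to every (un)authenticated principal is critical cluster-wide.
                    if cluster_wide and subj["kind"] == "Group" and subj["name"] in ANONYMOUS_GROUPS:
                        severity, reason = "CRITICAL", f"{reason}, granted cluster-wide to {subj['name']}"
                    findings.append({"subject": subject, "scope": scope, "binding": meta["name"],
                                     "role": f'{ref["kind"]}/{ref["name"]}',
                                     "severity": severity, "reason": reason})
    return findings


def summarize(findings):
    """Count findings per severity."""
    counts = {}
    for f in findings:
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
    return counts


# Constructed sample dump in the shape `kubectl get ... -o json` returns (items only).
SAMPLE_ITEMS = [
    {"kind": "ClusterRole", "metadata": {"name": "cluster-admin"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]},
               {"nonResourceURLs": ["*"], "verbs": ["*"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "secret-reader"},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "pod-viewer"},
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch"]}]},
    {"kind": "Role", "metadata": {"name": "pod-exec", "namespace": "dev"},
     "rules": [{"apiGroups": [""], "resources": ["pods/exec"], "verbs": ["create"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "ci-admin"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "ci", "name": "builder"}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "everyone-secrets"},
     "roleRef": {"kind": "ClusterRole", "name": "secret-reader"},
     "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
    {"kind": "RoleBinding", "metadata": {"name": "dev-view", "namespace": "dev"},
     "roleRef": {"kind": "ClusterRole", "name": "pod-viewer"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    {"kind": "RoleBinding", "metadata": {"name": "dev-debug", "namespace": "dev"},
     "roleRef": {"kind": "Role", "name": "pod-exec"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "dev", "name": "debugger"}]},
    {"kind": "RoleBinding", "metadata": {"name": "stale", "namespace": "dev"},
     "roleRef": {"kind": "Role", "name": "deleted-role"},
     "subjects": [{"kind": "User", "name": "bob"}]},
]

if __name__ == "__main__":
    report = audit(SAMPLE_ITEMS)  # swap in audit(fetch_rbac()) against a live cluster
    with open("rbac_audit_report.json", "w") as fh:
        json.dump({"summary": summarize(report), "findings": report}, fh, indent=2)
    for f in report:
        print(f'{f["severity"]:8} {f["subject"]:32} {f["role"]} via {f["binding"]}: {f["reason"]}')
```

On the constructed sample this reports the CI service account bound to cluster-admin, the secret-reader role granted to system:authenticated (raised to critical because the binding is cluster-wide), and the namespaced pods/exec grant; the benign pod-viewer binding and the dangling RoleBinding produce nothing. Like the audited skill, the script only ever calls `kubectl get` and writes its output to a local JSON file.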