implementing-runtime-security-with-tetragon

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The Python scripts scripts/agent.py and scripts/process.py invoke kubectl and the tetra CLI using the subprocess module. These calls are used to retrieve cluster information, verify deployment status, and query security policies. The implementation uses best practices, such as passing arguments as lists rather than raw strings, which prevents command injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: Instructions in SKILL.md guide the user to download the tetra binary from the official GitHub repository of the Cilium Tetragon project. This is a standard and safe procedure for acquiring the necessary tooling for this technology, targeting a well-known and reputable source.
  • [DATA_EXPOSURE]: The skill documents the creation of TracingPolicies that monitor access to sensitive file paths, such as /etc/shadow and Kubernetes PKI directories. This behavior is defensive and intended to provide observability into potential security breaches; the data is monitored by the kernel-level agent for logging and enforcement purposes and is not exfiltrated by the skill itself.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 11:33 PM