performing-container-escape-detection

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs legitimate security auditing functions as described in the documentation. It inspects Kubernetes pod specifications for common security risks like hostPID, hostNetwork, and privileged security contexts.
  • [DATA_EXFILTRATION]: The analysis of scripts/agent.py shows that data collected from the Kubernetes API is only printed to the standard output or saved to a local file named container_escape_report.json. No network operations to external domains were identified.
  • [CREDENTIALS_UNSAFE]: The skill correctly uses standard Kubernetes authentication methods (load_kube_config and load_incluster_config) to interact with the cluster. There are no hardcoded secrets, tokens, or private keys present in the source code.
  • [COMMAND_EXECUTION]: The skill interacts with the system solely through the kubernetes Python library. It does not use functions like os.system or subprocess.run to execute arbitrary shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 12:22 AM