performing-kubernetes-cis-benchmark-with-kube-bench

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the kube-bench binary and Kubernetes Job manifests from Aqua Security's official GitHub repository (github.com/aquasecurity). This is a well-known security vendor, and the source is appropriate for the skill's purpose.
  • [REMOTE_CODE_EXECUTION]: Installation instructions in SKILL.md and workflows.md involve piping a remote tarball from GitHub into a local extraction command (curl | tar) and applying remote YAML manifests directly via kubectl. These are documented steps for installing the third-party auditing tool.
  • [COMMAND_EXECUTION]: The agent.py and process.py scripts use the subprocess module to execute kube-bench and kubectl commands to gather cluster security data. The installation process also uses sudo to move the downloaded binary to a system path. The provided Kubernetes audit manifests use high-privilege settings such as hostPID: true and host path volume mounts so that the tool can inspect node-level configuration files (e.g., /etc/kubernetes). These actions are necessary for the primary purpose of conducting a CIS benchmark audit.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 09:38 PM