skills/mukul975/anthropic-cybersecurity-skills/performing-kubernetes-penetration-testing/Gen Agent Trust Hub
performing-kubernetes-penetration-testing
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and executes an installation script for Kubescape from its official GitHub repository to perform cluster security scans.
- [EXTERNAL_DOWNLOADS]: Deploys security auditing jobs directly from the official Aqua Security repository using kubectl apply.
- [COMMAND_EXECUTION]: Utilizes Python's subprocess module to execute kubectl commands for cluster reconnaissance, RBAC testing, and container escape analysis. The script correctly passes command arguments as a list, which mitigates the risk of shell injection.
- [DATA_EXFILTRATION]: While the skill is designed to extract sensitive cluster data like secrets and configuration maps, this behavior is documented as part of the penetration testing workflow and no unauthorized data exfiltration to external servers was identified.
Audit Metadata