performing-kubernetes-penetration-testing

This is an explicit Kubernetes penetration-testing playbook describing reconnaissance, exploitation, privilege escalation, lateral movement, and cleanup. It contains actionable offensive steps (token theft, privileged pod deployment, querying cloud metadata) that are operationally dangerous if used without authorization. The content is not executable malware, nor obfuscated, but it presents a moderate-to-high security risk if published or used improperly because it enables attackers to find and exploit misconfigurations. Use only in authorized testing contexts and ensure proper safeguards and auditability when applying these actions.

SUSPICIOUS: The skill is internally consistent as an offensive Kubernetes pentesting guide, but it gives an AI agent high-risk attack capabilities, secret extraction steps, privileged pod/host access, and live cluster modification commands. Install sources are mostly official and same-org, so supply-chain risk is moderate rather than extreme, but the overall security risk is high because the skill operationalizes offensive actions against infrastructure.