scanning-kubernetes-manifests-with-kubesec

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions in SKILL.md to download the Kubesec binary from a third-party GitHub repository (controlplaneio/kubesec) which is not on the explicit trusted vendor list.
  • [REMOTE_CODE_EXECUTION]: Installation instructions involve downloading a remote binary and moving it to /usr/local/bin, which allows for the execution of unverified third-party code on the host system.
  • [DATA_EXFILTRATION]: Local Kubernetes manifest files are transmitted to an external service (https://v2.kubesec.io/scan) via HTTP POST requests in scripts/agent.py and scripts/process.py. This can expose sensitive cluster configuration data.
  • [COMMAND_EXECUTION]: Both agent.py and process.py utilize subprocess.run to execute the kubesec binary and the curl utility for scanning operations.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted Kubernetes manifests. (1) Ingestion points: scripts/agent.py and scripts/process.py read .yaml, .yml, and .json files. (2) Boundary markers: None identified in the source code. (3) Capability inventory: The skill can execute commands via subprocess.run, make network requests via requests and curl, and write reports to the local filesystem. (4) Sanitization: No input validation or sanitization is performed on manifest content before processing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 15, 2026, 03:56 PM