kubernetes-operations
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (LOW): Potential surface for indirect prompt injection in `scripts/debug_pod.py` and `SKILL.md` debugging workflows. Malicious instructions could be embedded in Kubernetes pod logs or event messages to influence the agent's subsequent actions.
  - Ingestion points: Untrusted data enters the agent context via `kubectl logs` and `kubectl get events` in `scripts/debug_pod.py`.
  - Boundary markers: Log output is wrapped in markdown code blocks (```) for delimitation.
  - Capability inventory: The skill allows high-privilege operations including `kubectl exec`, `kubectl delete`, `kubectl patch`, and `kubectl port-forward`.
  - Sanitization: No specific sanitization or filtering of log content is performed prior to display.
- [COMMAND_EXECUTION] (SAFE): The skill performs administrative command execution via `kubectl`. This is the primary intended purpose of the skill. Destructive commands are mitigated by strong instructional guardrails requiring context verification and dry-run flags.
Audit Metadata