gitops-workflow
Audited by Socket on Mar 3, 2026
1 alert found:
Malware: This GitOps skill is largely documentation and examples for installing and configuring ArgoCD and Flux. However, it contains several supply-chain and privilege-escalation risks: an explicit curl|bash installer executed with sudo, direct application of remote manifests, and instructions that retrieve Kubernetes secrets and read/write local agent memory files. Those patterns are common in quickstart guides but present real supply-chain and credential-exposure risks if an agent or user executes them automatically or in CI without pinning or verification. Recommendation: avoid blindly executing curl|bash; pin remote manifests to commit SHAs; avoid printing secrets to shared logs; require explicit user confirmation before performing installs, applying manifests, or reading/writing local memory files.