docker-kubectl-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill is designed to execute system commands (`docker`, `kubectl`, `git`) to automate deployment workflows.
  - Evidence: Subprocess calls in `scripts/build_push_kubectl.sh` are managed using bash arrays and safe quoting (`"$@"`) to prevent shell injection.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection through user-controlled parameters.
  - Ingestion points: Parameters like `--deployment`, `--namespace`, and `--image` in `scripts/build_push_kubectl.sh` are populated from user input via the agent.
  - Boundary markers: Absent. The `SKILL.md` does not provide specific delimiters or instructions to the agent to treat user-provided parameters as literal data only.
  - Capability inventory: The skill has the capability to modify Kubernetes cluster state and push images to registries.
  - Sanitization: While shell-level injection is mitigated by proper quoting in the script, the logic lacks semantic validation of the deployment targets provided by the user.
Audit Metadata