kubernetes-manifest-generator

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Credential file access detected

All findings:
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] (listed 10 times)

This is a declarative Kubernetes manifest collection and Kustomize layout that matches its stated purpose. I found no active or hidden malicious code. The primary issues are insecure examples and operational/security misconfigurations (plaintext credentials in Secret manifest, broad network egress, and a Role that permits reading secrets). Those are security risks (misuse or accidental leakage) rather than indicators of malware or supply-chain exfiltration mechanisms embedded in the code. Treat the provided manifests as templates that require remediation before use in production: remove hardcoded secrets, tighten RBAC, and restrict egress.

LLM verification: The artifact matches its stated purpose and contains useful best-practice elements (securityContext, probes, resource limits). It is not actively malicious: no obfuscation, backdoors, or network exfiltration code was found. The primary security concern is operational: the example Secret contains plaintext credentials and the ExternalSecret snippet is incomplete, which could lead to accidental credential exposure or misconfiguration.
Recommend updating examples to avoid embedding secrets, demonst

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At
Mar 18, 2026, 03:49 PM
Package URL
pkg:socket/skills-sh/patricio0312rev%2Fskills%2Fkubernetes-manifest-generator%2F@45b52bcd08077a32fb459de6d4ecad4e8d803d53