manage-kubernetes-secrets

This skill/instruction set is a legitimate, operational guide for Kubernetes secrets management. It contains standard high-privilege operations (etcd access, KMS integration, IAM role creation, installing cluster controllers) and remote downloads of controller manifests and CLI binaries. The primary risks are operational/supply-chain: executing remote manifests and binaries without verification, running high-privilege commands, and the possibility that operators copy example plaintext secrets or unsecured backups into version control. There is no evidence in the provided content of deliberate credential harvesting, backdoors, obfuscation, or exfiltration to attacker-controlled domains. Recommended mitigations: pin and verify downloaded artifacts (use checksums or signed releases), avoid committing plaintext secrets or backups to Git, apply least-privilege IAM/RBAC policies, audit third-party controllers before installation, and restrict etcd access.