optimize-cloud-costs
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface identified.
- Ingestion points: The skill ingests data from the local Kubernetes cluster via kubectl get pods and kubectl get ns in SKILL.md.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential instructions embedded in cluster metadata.
- Capability inventory: The skill utilizes powerful tools including Bash, Write, and Edit which could be targeted by injected instructions.
- Sanitization: Data extracted from the cluster (such as pod names and labels) is processed by jq and shell scripts without validation or escaping.
- [EXTERNAL_DOWNLOADS]: The skill downloads software from established and trusted repositories.
- Evidence: It fetches the Kubecost Helm repository and clones the official Kubernetes Autoscaler project from GitHub to install the Vertical Pod Autoscaler.
- [COMMAND_EXECUTION]: The skill performs significant cluster management operations.
- Evidence: It executes various kubectl and helm commands to create secrets, modify configuration maps, and deploy autoscaling components.
Audit Metadata