Skills
skills/proompteng/lab/kubernetes/Gen Agent Trust Hub

kubernetes

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill provides capabilities to execute arbitrary commands within containers and apply GitOps manifests to the cluster.
  • Evidence: 'kubectl exec' and 'kubectl apply' commands documented in 'SKILL.md' and 'references/kubectl-runbook.md'.
  • Context: These are primary intended features for a Kubernetes skill, so severity is lowered from HIGH to LOW.
  • [PROMPT_INJECTION] (LOW): The skill has an attack surface for indirect prompt injection via log monitoring and execution output.
  • Ingestion points: 'kubectl logs' and 'kubectl exec' outputs (SKILL.md, references/kubectl-runbook.md).
  • Boundary markers: Absent; no instructions provided to ignore or delimit embedded commands in processed data.
  • Capability inventory: 'kubectl apply', 'kubectl exec', and 'helm' operations across all scripts.
  • Sanitization: No sanitization of pod output is implemented.
  • [EXTERNAL_DOWNLOADS] (LOW): Uses the 'mise' tool manager to execute specific versions of Helm and kustomize.
  • Evidence: 'mise exec helm@3 -- kustomize build' in 'SKILL.md'.
  • Risk: This involves on-demand execution of external binary tools which may involve background downloads.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:21 PM