vm-inventory
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Uses the
occommand-line utility as a fallback for listing resources. This is standard for OpenShift environments and is gated by user confirmation. - [EXTERNAL_DOWNLOADS]: References the official
openshift-mcp-serverfrom GitHub. This is a trusted source for managing OpenShift Virtualization resources. - [PROMPT_INJECTION]: The skill ingests data from cluster resources via
resources_listandresources_get(Ingestion points). While it lacks explicit boundary markers or sanitization in the output (Boundary markers/Sanitization), its capabilities are limited to read-only resource retrieval and reading local documentation (Capability inventory), presenting no significant risk. - [CREDENTIALS_UNSAFE]: Mentions the
KUBECONFIGenvironment variable but includes specific safety instructions to never display or expose its value or the associated credentials.
Audit Metadata