vm-snapshot-delete
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
resources_deletetool to permanently delete Kubernetes resources (VirtualMachineSnapshot). This is its primary intended function. - [SAFE]: Dependencies are sourced from a well-known and trusted repository (
github.com/openshift/openshift-mcp-server). - [SAFE]: The skill implements a mandatory 'Human-in-the-Loop' workflow, requiring explicit user approval after displaying the potential impact of the deletion.
- [DATA_EXFILTRATION]: The skill references the
KUBECONFIGenvironment variable, which contains sensitive cluster access information. However, it explicitly instructs to only verify its presence and not expose the actual value. - [PROMPT_INJECTION]: There is a potential surface for indirect prompt injection as the skill processes snapshot metadata (names, labels) from the cluster. This risk is effectively mitigated by the mandatory manual confirmation step before execution.
Audit Metadata