k8s-backup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill invokes Kubernetes-specific tools (
velero_backup_create_tool,kubectl_apply, etc.) for administrative tasks. These calls are consistent with the skill's description for managing backups and restores. - [DATA_EXPOSURE] (SAFE): The skill references the handling of Kubernetes secrets during restoration processes. This is an expected and necessary behavior for a backup/restore utility and does not constitute unauthorized data exposure.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface as it processes data from the cluster environment and possesses write capabilities.
- Ingestion points: Resource lists and backup metadata retrieved via
velero_backups_list_toolandvelero_restores_list_toolinSKILL.md. - Boundary markers: Absent; the skill does not explicitly use delimiters to separate cluster data from instructions.
- Capability inventory: Cluster state modification via
kubectl_applyandvelero_restore_create_toolinSKILL.md. - Sanitization: Absent; the skill relies on the underlying CLI tools for validation of resource names and manifests.
Audit Metadata