k8s-capi

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill provides the capi_cluster_kubeconfig_tool, which extracts and returns workload cluster access credentials (kubeconfigs). Exposure of these credentials grants full administrative control over the target Kubernetes clusters.
  • [COMMAND_EXECUTION] (HIGH): The skill uses kubectl_apply to process YAML manifests. If the manifest generation process is compromised, this capability can be abused to deploy unauthorized or malicious resources (such as privileged pods or hostPath mounts) into the management or workload clusters.
  • [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8). It ingests external user instructions to define infrastructure state. If an attacker supplies malicious parameters that are interpolated into YAML templates without strict sanitization, they could escalate privileges or modify unintended clusters. Evidence: kubectl_apply and capi_machinedeployment_scale_tool in SKILL.md ingest parameters such as name, namespace, and manifest content without visible boundary markers or validation logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 06:52 AM