k8s-diagnostics

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [Data Exposure & Exfiltration] (HIGH): The kubeconfig_view() and list_contexts_tool() functions allow for the inspection of Kubernetes configuration files. These files typically contain sensitive cluster secrets, including API server endpoints, client certificates, and authentication tokens. Unauthorized access to this information could lead to a full cluster compromise.
  • [Indirect Prompt Injection] (LOW): The skill processes external, potentially attacker-controlled data from within the Kubernetes cluster.
      • Ingestion points: Untrusted data enters the agent context through get_pod_logs, get_events, and describe_node (SKILL.md).
      • Boundary markers: None are present; there are no instructions to the agent to ignore instructions embedded in logs or events.
      • Capability inventory: The skill possesses significant cluster interaction capabilities, including resource metrics retrieval and environment comparisons (SKILL.md).
      • Sanitization: There is no evidence of log sanitization or escaping before the data is presented to the LLM.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 06:33 PM