k8s-networking
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill utilizes kubectl_exec to run commands within the cluster. * Evidence: Found in 'Troubleshooting Connectivity' section: kubectl_exec(pod="debug-pod", ..., command="nslookup ..."). * Risk: This tool allows the execution of arbitrary commands within Kubernetes pods. If the agent receives malicious instructions or processes untrusted pod data, this could be used for lateral movement or data discovery within the cluster.
- [INDIRECT_PROMPT_INJECTION] (LOW): Vulnerability surface detected in Kubernetes resource processing. * Ingestion points: get_services, get_endpoints, get_network_policies, get_ingresses. * Boundary markers: Absent. * Capability inventory: kubectl_exec, kubectl_apply. * Sanitization: Not present. * Risk: An attacker with control over Kubernetes resource metadata (e.g., service names, pod labels) could potentially inject instructions that the agent might follow when diagnosing issues.
Audit Metadata