k8s-security
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- Data Exposure & Exfiltration (MEDIUM): The skill utilizes tools to access and audit Kubernetes secrets (`get_secrets`). Although this is the primary function of a security skill, accessing credential stores is inherently high-risk. Per instructions, the severity is reduced from HIGH to MEDIUM due to its intended use case.
- Indirect Prompt Injection (LOW): The skill analyzes data from Kubernetes resources which could contain malicious instructions embedded by an attacker with cluster access. Evidence:
  1. Ingestion points: Kubernetes resource names and specifications via `get_roles` and `describe_pod`.
  2. Boundary markers: Absent.
  3. Capability inventory: Read-only access to Kubernetes cluster metadata and resource specs.
  4. Sanitization: None identified.