k8s-service-mesh

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill possesses write/execute capabilities through kubectl_apply and apply_manifest tools.
      • Ingestion points: The skill instructions demonstrate taking YAML content (e.g., VirtualService, DestinationRule) and applying it to the cluster (SKILL.md, TRAFFIC-SHIFTING.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the manifests are present in the skill files.
      • Capability inventory: kubectl_apply, apply_manifest, and istioctl install provide the agent with the ability to modify cluster state and network routing.
      • Sanitization: There is no evidence of sanitization or validation logic for the YAML manifests before they are applied.
  • Command Execution (MEDIUM): The skill documentation includes shell commands for installation (istioctl install --set profile=demo). While documented as a prerequisite, an agent following these instructions might execute commands in a privileged context without sufficient validation of parameters.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 09:20 AM