k8s-vind

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill instructs the user to download the vCluster CLI from github.com/loft-sh/vcluster. This matches the [TRUST-SCOPE-RULE] for trusted GitHub organizations and repositories, downgrading the severity to LOW.
  • COMMAND_EXECUTION (LOW): The skill uses curl, chmod, and sudo mv to install the binary. While sudo is a privilege escalation marker, it is a standard and expected procedure for installing a CLI tool to /usr/local/bin/ in a development environment.
  • INDIRECT_PROMPT_INJECTION (INFO): The skill handles Kubernetes manifests and configuration values (e.g., set_values, manifest="""..."""). While this is a data ingestion surface, the risk is negligible as it typically involves developer-controlled infrastructure code rather than untrusted third-party content.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 08:25 AM