kubespray-airgap
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the user to execute local shell scripts including setup-container.sh, start-nginx.sh, and setup-offline.sh to prepare the admin server and air-gapped environment.
- [COMMAND_EXECUTION]: Includes a sed command to dynamically update the download-kubespray-files.sh script with specific version parameters before execution.
- [EXTERNAL_DOWNLOADS]: Details the configuration of download URLs in offline.yml for core Kubernetes binaries and infrastructure components (e.g., kubeadm, etcd, containerd) from well-known sources.
- [REMOTE_CODE_EXECUTION]: Guides the user to install Python dependencies from a requirements.txt file using the pip package manager, which is a standard requirement for the Ansible-based Kubespray deployment process.
Audit Metadata