kubespray-monitoring

Warn

Audited by Snyk on Feb 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This SKILL.md explicitly instructs downloading community dashboards from grafana.com (see "Download Community Dashboards" curl commands) which fetches public, user-contributed JSON dashboards that are ingested and loaded into Grafana as part of the workflow, so untrusted third-party content could influence monitoring/alerting behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).


MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs editing system-level configuration (etcd, /etc/exports), running an Ansible playbook with privilege escalation (-b), and uses sudo-level troubleshooting commands — all of which modify system files/services and require root access.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 04:44 AM