kubernetes

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it accepts untrusted user input and incorporates it into sensitive cluster management commands.
      • Ingestion points: Input parameters such as $TYPE, $NAME, and $NAMESPACE in scripts/generate-manifest.sh, $APP in scripts/argocd-app-sync.sh, and $NODE in scripts/node-maintenance.sh.
      • Boundary markers: Absent. Input variables are directly interpolated into shell command strings and YAML heredocs without delimiters or system-level instructions to ignore embedded content.
      • Capability inventory: The skill possesses extensive cluster-wide capabilities, including the ability to drain nodes, upgrade cluster versions, and modify resource manifests using kubectl, oc, and various cloud provider CLIs.
      • Sanitization: Missing. There is no validation, filtering, or escaping of input parameters before they are used in command execution.
  • [COMMAND_EXECUTION]: The skill relies on multiple shell scripts that execute complex CLI operations to manage cluster health and configuration. These scripts automate tasks such as node maintenance and security auditing using industry-standard tools like kubectl, oc, argocd, and az.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 25, 2026, 09:00 PM