iac-scan-kube-linter
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill uses shell interpolation for the `<path>` argument in the command `kube-linter lint <path>`. If the path is derived from untrusted input, an attacker can execute arbitrary commands using shell metacharacters (e.g., `;`, `&&`, `|`).
- [PROMPT_INJECTION] (HIGH): The skill exposes a significant Indirect Prompt Injection surface (Category 8) due to the combination of reading untrusted data and having command execution capabilities.
  * Ingestion points: Kubernetes manifests and Helm charts read from the local filesystem or provided paths.
  * Boundary markers: None. The skill does not implement delimiters or instructions to the agent to disregard instructions found within the scanned files.
  * Capability inventory: Shell command execution via `bash` for running `kube-linter` and listing checks.
  * Sanitization: There is no evidence of path sanitization or content filtering to prevent malicious payloads from influencing agent behavior or the underlying system.
Recommendations
- AI detected serious security threats