kubernetes-pentesting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The playbook instructs reading secrets (service account tokens, etcd secrets, cloud IMDS credentials, dockerconfigjson) and embedding/printing them verbatim in curl headers, command outputs, or decoded dumps, which requires the agent to handle secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is an explicit, actionable playbook for compromising Kubernetes clusters—detailing how to steal credentials (service account tokens, secrets, registry/docker credentials, cloud IMDS tokens), achieve remote code execution and privilege escalation (privileged/hostPath pods, nsenter/chroot, Kubelet exec, creating tokens), access and exfiltrate sensitive data (etcd dumps, secrets, image inspection), and bypass protections (admission webhooks, network policies)—i.e., deliberate malicious guidance for system compromise and data exfiltration.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This playbook explicitly instructs actions that alter host state and escalate privileges—creating privileged pods that mount the host filesystem and nsenter the host, instructing placement of manifests in /etc/kubernetes/manifests/, accessing etcd and node certificates—i.e. direct instructions to modify or control the machine/environment.