OpenShift Hardening

Security checks across malware telemetry and agentic risk

Overview

This skill is a hosted OpenShift hardening configuration generator; its main risk is that generated security manifests should be reviewed before use.

Install only if you are comfortable using ToolWeb/api.mkkpro as a hosted service. Review and test all generated OpenShift manifests in a non-production environment before applying them, especially RBAC, network policies, pod security settings, and encryption changes. Avoid submitting confidential cluster details, internal architecture, or production-specific security posture unless you have appropriate trust and privacy controls with the provider.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill describes generation and download of production-ready hardening manifests but does not warn users that applying these files can materially change cluster security posture, availability, and access controls. In a security-configuration tool, omission of a review/validation warning can lead operators to trust and deploy generated manifests blindly, causing misconfiguration, lockout, or unexpected exposure reduction/impact in production.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal