Kubernetes RBAC Audit

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Kubernetes RBAC audit skill, but users should run it with a dedicated read-only cluster context and protect the generated reports.

Install only if you intend to audit a Kubernetes cluster. Use a dedicated read-only kubeconfig/context instead of cluster-admin where possible, avoid running it from a privileged in-cluster service account, and store any generated RBAC reports as sensitive security documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: Requesting cluster-admin or equivalent broad read access for an audit workflow materially increases exposure of sensitive cluster-wide information, including RBAC mappings, service accounts, and potential secret-access paths, without a clear warning or minimization guidance. In a real environment, operators may overgrant permissions to run the skill, creating unnecessary blast radius if the workstation, plugin chain, or output artifacts are compromised.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal