EKS Workload Best Practice Assessment

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent EKS assessment tool, but it needs review because its docs suggest broad cluster-wide collection and admin-level EKS access setup that exceed read-only assessment needs.

Install only if you intend to let the agent inspect an EKS cluster. Use least-privilege read-only Kubernetes and AWS permissions where possible, explicitly choose the cluster, region, namespaces, and whether to include infrastructure checks, and avoid the documented cluster-admin access example unless you have separately approved that level of access. Treat the generated report as sensitive operational data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence: 78%
Finding
The skill instructs the agent to write a local file directly, including a generated filename, without explicitly requiring user confirmation before modifying disk state. In agent environments, silent file creation can be risky because it causes side effects outside the chat context, may write into sensitive working directories, and can surprise users who only expected analysis output.

Missing User Warnings

Medium
Confidence: 89%
Finding
The file instructs collection of broad cluster-wide Kubernetes and AWS/ECR configuration data, including RBAC, service accounts, events, node details, and image security metadata, but it does not explicitly warn the operator that these commands may expose sensitive operational and security information across namespaces. In a shared or production environment, this can lead to over-collection and unintended disclosure to the agent, logs, transcripts, or downstream systems, especially because `--all-namespaces` is suggested for full assessment.

VirusTotal

65/65 vendors flagged this skill as clean.
