Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Kubernetes Skills

v1.0.0

Manage multiple Kubernetes clusters, switch contexts, and perform cross-cluster operations. Use when working with multiple clusters, comparing environments, or managing cluster lifecycle.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name, description, and runtime instructions consistently target multi-cluster Kubernetes management (context switching, CAPI, Helm, GitOps, secret sync). That capability set is coherent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to view/sanitize kubeconfigs (kubeconfig_view()), list contexts, read secrets from a source cluster and apply them to targets, and to obtain workload kubeconfigs via CAPI tools. Those instructions implicitly require access to kubeconfig files and cluster credentials and perform sensitive actions (secret synchronization, cross-cluster writes). The skill does not constrain or document how sensitive data will be handled or where it may be transmitted.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing will be downloaded or written by the skill itself. This minimizes supply-chain/installation risk.
Credentials
The skill declares no required env vars, credentials, or config paths, yet the instructions rely on kubeconfigs (examples use export KUBECONFIG and kubeconfig_view()) and service-account patterns. There is a mismatch between declared requirements (none) and the obvious need for cluster credentials and kubeconfig files to perform the described operations.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does not request persistent presence or modify other skills. Autonomous invocation is enabled (default) but not, by itself, a red flag here.
What to consider before installing
This skill appears to be a legitimate multi-cluster Kubernetes helper, but take these precautions before installing or using it:

- Verify provenance: the skill's source and homepage are unknown; prefer skills from trusted publishers.
- Expect it to need access to kubeconfig files or cluster credentials even though it doesn't declare them. Do not expose production kubeconfigs or long-lived admin tokens to untrusted skills or agents.
- Secret-sync examples show the agent reading secrets in one cluster and applying them to another — this is sensitive. Confirm how kubeconfig_view() sanitizes secrets and audit any secret exports before allowing the skill to run.
- Limit permissions: use short-lived, least-privilege service accounts and separate kubeconfig files for non-prod testing before running in production.
- Ask the publisher or maintainer for clarification: which platform tools back get_pods(), apply_manifest(), and kubeconfig_view(), and how is sensitive data handled and transmitted? If you cannot verify those answers, avoid granting access to real kubeconfigs or prod clusters.

If you want, I can list specific questions to ask the skill author or suggest a safe test plan (isolated dev cluster and restricted kubeconfig) to evaluate the skill's behavior.
