Kubernetes Skills

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Kubernetes Velero backup skill whose powerful restore and scheduling examples match its stated disaster-recovery purpose.

Install only where the agent should be allowed to use the active Kubernetes context for Velero operations. Before running restores or creating schedules, verify the target cluster, namespace mappings, backup name, included resources, and whether Secrets should be restored; protect backup storage because it may contain credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documents restore operations that can modify live cluster state without any caution about overwriting existing resources, namespace collisions, or disruption to running workloads. In an agent skill context, omission of safety guidance increases the chance that operators or downstream agents will perform destructive restores into the wrong cluster or namespace.

Missing User Warnings

Medium
Confidence: 82%
Finding
The restore example explicitly includes secrets without any warning that backup and restore artifacts may contain sensitive credentials, tokens, or keys. In a Kubernetes backup skill, normalizing secret-inclusive operations without handling guidance can lead to unintended exposure through backup storage, broader restore scope, or migration of stale credentials into other environments.

VirusTotal

66/66 vendors flagged this skill as clean.
