Kubernetes Skills

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Kubernetes Cluster API management skill, with expected but sensitive abilities to change clusters and retrieve kubeconfig credentials.

Install this only if you want an agent to help manage Kubernetes Cluster API resources. Before using mutating examples, verify the kubeconfig context, namespace, target cluster, provider, manifest, and intended cost or availability impact. Treat any returned kubeconfig as a secret and avoid exposing it in logs, chat, or shared outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The skill explicitly instructs users to retrieve a workload cluster kubeconfig, which is a sensitive credential granting cluster access, but provides no warning about secrecy, scope, or safe handling. In an agent setting, this omission increases the chance that credentials are exposed in logs, chat transcripts, or passed to unintended tools or users.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The examples use kubectl_apply to create Cluster and MachineDeployment resources that can provision or modify real infrastructure, yet they lack any warning about side effects, cost, or environment impact. In a lifecycle-management skill, operational examples are expected, but without guardrails they can be executed in production-like contexts and trigger unintended resource creation or configuration changes.

Missing User Warnings

Severity: Medium
Confidence: 86%
Finding: The workflow steps normalize provisioning, scaling, and upgrade actions without warning about their impact on availability, cost, and existing workloads. Because this skill is specifically for Cluster API lifecycle management, these actions are highly privileged and inherently dangerous if an agent follows them automatically or in the wrong environment.

VirusTotal

66/66 vendors flagged this skill as clean.