Kubernetes Skills

Security checks across malware telemetry and agentic risk

Overview

The skill is purpose-aligned for cert-manager work, but it can guide an agent to make persistent Kubernetes cluster changes without clear approval, context, or rollback safeguards.

Use this skill only if you trust it to operate on your Kubernetes environment. Before allowing it to apply manifests, verify the kube context, namespace, domain names, issuer names, and target cluster, especially in production. Prefer least-privileged Kubernetes credentials and require confirmation for any kubectl_apply action.

VirusTotal

66/66 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

A mistaken apply could alter certificate issuance behavior for an entire Kubernetes cluster.

Why it was flagged

The skill documents direct application of a cluster-wide Kubernetes manifest. This is purpose-aligned, but without explicit confirmation, context checking, or rollback instructions, an agent could apply high-impact cluster changes to the wrong environment.

Skill content
kubectl_apply(manifest="""\napiVersion: cert-manager.io/v1\nkind: ClusterIssuer\nmetadata:\n  name: letsencrypt-prod
Recommendation

Require explicit user approval before any kubectl_apply action, verify the active kube context and namespace, and review the manifest before applying it.

ASI03: Identity and Privilege Abuse
Medium
What this means

The skill may operate using whatever Kubernetes credentials are currently available, which could include production or cluster-admin access.

Why it was flagged

ClusterIssuer operations require Kubernetes account permissions that may be cluster-wide. The registry metadata declares no primary credential or config path, so the credential and context boundaries are unclear.

Skill content
certmanager_clusterissuers_list_tool()
Recommendation

Use a least-privileged Kubernetes identity, confirm which kubeconfig/context is active, and avoid granting cluster-wide permissions unless needed.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Behavior depends on the separately installed Kubernetes MCP tooling and its permissions.

Why it was flagged

The skill depends on external MCP tools, but there is no install spec, required binary declaration, or bundled code to verify those tools in this artifact set. This is not malicious by itself, but users should know the runtime tool provenance matters.

Skill content
Manage TLS certificates using kubectl-mcp-server's cert-manager tools.
Recommendation

Install Kubernetes MCP tooling only from a trusted source and review its permissions before using this skill.