Back to skill

Security audit

Kubernetes Skills

Security checks across malware telemetry and agentic risk

Overview

This skill documents Kubernetes-focused browser automation with sensitive but expected capabilities, and it does not contain hidden code or deceptive behavior.

Install only if you want an agent to operate Kubernetes-related web dashboards. Prefer local browser execution for sensitive clusters, use short-lived least-privilege credentials, verify target URLs before sending headers or passwords, avoid capturing secrets in screenshots or page dumps, and require explicit approval before ArgoCD sync or any production-changing action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly demonstrates sending an Authorization bearer token in browser headers to a remote URL, but it provides no warning about credential handling, token scope, logging, or the risk of transmitting secrets to external services. In this skill's context, browser providers may be local or third-party hosted, which increases the chance that sensitive headers, session data, or page contents are exposed beyond the intended Kubernetes environment.

Missing User Warnings

Low
Confidence
79% confidence
Finding
The skill instructs users to save screenshots of Kubernetes and observability dashboards to local files without warning that screenshots may capture secrets, internal topology, usernames, tokens, or operational data. While writing screenshots to disk is not inherently unsafe, omitting handling guidance creates a real data exposure risk in environments where local storage is shared, synced, or insufficiently protected.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The ArgoCD workflow includes a Synchronize action that can apply manifests and change live cluster state, yet the skill presents it as a routine browser click sequence without a caution about operational impact or need for confirmation. In a Kubernetes administration context, normalizing state-changing UI automation without guardrails increases the risk of accidental production changes, outages, or unintended deployments.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.