Skylv Kubernetes Automation

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent, but it can guide live Kubernetes changes with broad activation and too few safety checks.

Install only if you intend to let an agent assist with Kubernetes operations. Use a dedicated least-privilege kubeconfig, limit access to non-production or a specific namespace where possible, and require explicit confirmation plus dry-run or preview output before deploy, scale, rollback, autoscale, ConfigMap, Secret, or namespace changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger list contains broad phrases like "kubernetes," "k8s," and "kubectl," which are likely to match ordinary discussion rather than explicit intent to invoke a cluster-management skill. Because this skill can perform operational actions against a connected Kubernetes cluster, ambiguous activation increases the risk of accidental invocation in contexts where the user only wanted information or discussion.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill advertises deployment, scaling, rollback, config, and other live cluster-management capabilities without any guardrails, warnings, or confirmation steps for state-changing operations. In a Kubernetes context, these actions can directly alter production workloads, cause outages, expose secrets or logs, and amplify damage if triggered accidentally or from ambiguous user input.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal