K8s Fta Skill
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: k8s-fta-skill Version: 0.1.0 The skill bundle provides a comprehensive Kubernetes Fault Tree Analysis (FTA) tool for diagnosing and repairing cluster issues. It utilizes kubectl and shell commands to inspect Pods, Services, RBAC, and networking components. While the skill includes capabilities for destructive actions (e.g., 'kubectl delete' and 'kubectl patch' in SKILL.md), it explicitly mandates safety guardrails such as prioritizing read-only operations and requiring user confirmation before executing any modifications. No evidence of data exfiltration, unauthorized persistence, or malicious prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used against the wrong cluster or namespace, the agent could make or recommend changes that disrupt applications or production infrastructure.
The skill explicitly instructs the agent to run kubectl automatically and to perform fixes when needed. Kubernetes repair commands can change live workloads, networking, RBAC, storage, or scaling behavior, but the artifact does not define a tight allowlist or scope for mutating actions.
通过自动执行kubectl命令...自动修复功能...必要时自动执行修复命令
Use only with the intended kubectl context, require explicit approval for every mutating command, and prefer dry-run/read-only checks or a limited RBAC account.
The agent may access sensitive cluster information or act with broader permissions than the user intended, depending on the current kubeconfig context.
These commands use the user’s active Kubernetes credentials and can inspect cluster-wide resources and RBAC configuration. The provided metadata declares no primary credential or required config path, and the instructions do not bound which context, account, or namespace should be used.
kubectl get pods --all-namespaces ... kubectl get clusterrole ... kubectl get clusterrolebinding
Before invoking the skill, verify the active kubectl context and use a least-privilege service account or namespace-scoped credentials where possible.
Sensitive or misleading log content could enter the agent’s working context during troubleshooting.
The skill analyzes pod logs and command output. Logs are expected for troubleshooting, but they may contain secrets, internal hostnames, tokens, or untrusted text from applications.
kubectl logs <pod-name> -n <namespace> ... 分析输出
Review whether logs may contain secrets before sharing them with the agent, and treat log text as data rather than instructions.
The agent may run diagnostic commands inside selected pods, which could be inappropriate for sensitive or production workloads if not targeted carefully.
The evaluation expectations include running kubectl exec inside a pod for DNS diagnostics. This is purpose-aligned, but it is still command execution inside a cluster workload.
Automatically execute kubectl exec nslookup
Confirm the target pod and namespace before allowing kubectl exec, and limit execution to harmless diagnostic commands.
Users have less external context for verifying the author, maintenance history, or safety review of the Kubernetes automation guidance.
The skill has no visible source repository or homepage. That is not malicious by itself, but provenance matters more for a skill that can guide cluster-wide operational actions.
Source: unknown; Homepage: none
Review the SKILL.md content directly and consider using trusted, internally reviewed troubleshooting runbooks for production clusters.