kubernetes-patterns

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit secret values and commands that embed them verbatim (e.g., --from-literal db-password='s3cr3t' and the base64 value czNjcjN0), which forces the LLM to handle/output secrets directly.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill contains explicit kubectl commands and copy-pasteable manifests (Namespaces, ServiceAccounts, Roles/RoleBindings, Secrets, Deployments, Jobs, CronJobs, PDBs, etc.) which instruct the agent to modify Kubernetes cluster state and create accounts/privileges, so it can change the machine/cluster state and affect security posture.