hunt-k8s

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt repeatedly instructs reading secrets (service account tokens, etcd secret values) and embedding them verbatim into commands/Authorization headers or outputs (e.g., curl -H "Authorization: Bearer $TOKEN", echo '' | base64 -d), which forces an agent to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This document is a high-risk offensive playbook: it gives step-by-step techniques to steal credentials (etcd/Secrets, SA tokens), exfiltrate data (metadata/Secrets), perform remote code execution (kubelet /run and /exec, API-server proxy, docker.sock), and fully compromise Kubernetes clusters and hosts.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs creating and starting privileged containers (via docker.sock), patching/creating ephemeral or debug containers that mount the host filesystem, and using API/server proxy endpoints to execute commands — all actions that change system state and can lead to host/root compromise.