kubesearch
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to kubesearch.dev and raw.githubusercontent.com to retrieve search results and raw configuration files. These are well-known services used appropriately for configuration research. \n- [PROMPT_INJECTION]: The skill processes untrusted data from third-party GitHub repositories, which presents a surface for indirect prompt injection. \n
- Ingestion points: Fetches helmrelease.yaml and values.yaml files from raw.githubusercontent.com in Step 3 via WebFetch. \n
- Boundary markers: Absent; the instructions do not specify the use of delimiters or 'ignore' instructions for the fetched content. \n
- Capability inventory: Uses WebFetch to retrieve data; the skill logic does not explicitly call dangerous tools like shell execution or file-system modifications. \n
- Sanitization: None; the agent is instructed to 'Extract all helm values configuration' directly from the fetched raw files.
Audit Metadata