security-testing

Fail

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a large suite of kubectl exec and curl commands designed to probe internal networks, scan services, and interact with sensitive APIs within the cluster environment. It includes patterns for lateral movement and route injection.
  • [DATA_EXFILTRATION]: Contains explicit instructions and command templates for exfiltrating sensitive cluster data via DNS tunneling by encoding data in subdomains. It also describes methods to extract high-value data from AWS SSM parameters and internal S3 storage.
  • [CREDENTIALS_UNSAFE]: References and provides specific methods to access static long-lived credentials, including an AWS IAM access key stored in the kube-system namespace, Cloudflare API tokens, and mesh CA private keys. It also repeatedly uses the ~/.kube/dev.yaml configuration file for authentication.
  • [EXTERNAL_DOWNLOADS]: Directs the system to pull and execute external container images (such as nicolaka/netshoot) from public registries to be used as a base for launching network-based attacks.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 23, 2026, 06:24 AM