k8s-cluster-api
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of the
clusterctlbinary from the officialkubernetes-sigs/cluster-apiGitHub repository. This source is a recognized and trusted organization within the Kubernetes ecosystem. - [REMOTE_CODE_EXECUTION]: The installation process involves downloading an executable binary (
clusterctl) and granting it execution permissions. As this binary originates from a trusted official repository and is central to the skill's purpose, this is considered a standard and safe operational procedure. - [COMMAND_EXECUTION]: The skill provides a suite of Go scripts located in the
scripts/directory that executekubectlandclusterctlcommands. These tools are used for legitimate administrative tasks such as auditing cluster security, checking node conditions, and generating diagnostic reports. - [CREDENTIALS_UNSAFE]: While the skill handles cloud provider credentials for AWS and Azure (e.g.,
assets/aws-credentials.yaml), it uses placeholders and follows security best practices by recommending the use of external secrets management systems like HashiCorp Vault or AWS Secrets Manager.
Audit Metadata