k8s-cluster-api

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of the clusterctl binary from the official kubernetes-sigs/cluster-api GitHub repository. This source is a recognized and trusted organization within the Kubernetes ecosystem.
  • [REMOTE_CODE_EXECUTION]: The installation process involves downloading an executable binary (clusterctl) and granting it execution permissions. As this binary originates from a trusted official repository and is central to the skill's purpose, this is considered a standard and safe operational procedure.
  • [COMMAND_EXECUTION]: The skill provides a suite of Go scripts located in the scripts/ directory that execute kubectl and clusterctl commands. These tools are used for legitimate administrative tasks such as auditing cluster security, checking node conditions, and generating diagnostic reports.
  • [CREDENTIALS_UNSAFE]: While the skill handles cloud provider credentials for AWS and Azure (e.g., assets/aws-credentials.yaml), it uses placeholders and follows security best practices by recommending the use of external secrets management systems like HashiCorp Vault or AWS Secrets Manager.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 08:03 PM
Security Audit — agent-trust-hub — k8s-cluster-api