benchmarking-kubernetes-with-kube-bench

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the kube-bench binary and configuration files from Aqua Security's official GitHub repository.
  • [REMOTE_CODE_EXECUTION]: Instructions provide commands to apply Kubernetes Job manifests directly from the official Aqua Security GitHub repository to the cluster.
  • [COMMAND_EXECUTION]: The scripts/agent.py helper script uses subprocess.run to execute the kube-bench binary with user-specified targets and benchmarks.
  • [COMMAND_EXECUTION]: Several steps in the installation and remediation workflow require sudo privileges to access sensitive Kubernetes configuration files (e.g., /etc/kubernetes/manifests) and move binaries to system paths.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 03:40 AM
Security Audit — agent-trust-hub — benchmarking-kubernetes-with-kube-bench