kubernetes-security

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The skill includes explicit, contradictory and insecure instructions (e.g., recommending secrets as env vars/ConfigMaps, hardcoding credentials, and running privileged containers) that conflict with its stated "harden Kubernetes" purpose, which is deceptive relative to its scope.

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains examples and instructions that embed secret values verbatim (e.g., --from-literal=password=supersecret) and recommends insecure practices like hardcoding or mounting visible env vars, meaning an LLM following it could be required to output actual secrets directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The document is mostly legitimate Kubernetes security guidance but contains clear, likely-intentional inverted recommendations that encourage insecure practices—explicitly advising mounting secrets as env vars, storing secrets in ConfigMaps or hardcoding credentials, and recommending privileged/elevated containers—behaviors that enable credential theft, privilege escalation and supply-chain compromise.