debug-openshell-cluster
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various system and cluster management commands to perform diagnostics on the environment.
  - Evidence: Uses the `openshell` CLI, `kubectl`, `helm`, `docker`, `podman`, and `mise` for status checks and log retrieval.
- [DATA_EXPOSURE]: The skill accesses diagnostic data, including container logs, Kubernetes secret names, and local configuration files, which is necessary to identify deployment failures.
  - Evidence:
    - Inspects Kubernetes secrets: `kubectl -n openshell get secret openshell-server-tls ...`
    - Retrieves Helm deployment values: `helm -n openshell get values openshell`
    - References local configuration paths: `~/.config/openshell/gateways/<name>/mtls/`
- [EXTERNAL_DOWNLOADS]: The skill references container images from the vendor's official registry.
  - Evidence: References `ghcr.io/nvidia/openshell/supervisor:latest` for sandbox diagnostic checks.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from logs and cluster events which serves as a surface for indirect prompt injection if those sources contain malicious instructions.
  - Ingestion points: Reads output from `docker logs`, `kubectl logs`, and `kubectl get events` into the agent context.
  - Boundary markers: Absent. The instructions do not explicitly tell the agent to ignore embedded instructions within log outputs.
  - Capability inventory: High. The skill has the ability to execute cluster and container management commands (`kubectl`, `docker`, `helm`).
  - Sanitization: Absent. Raw tool output is passed directly to the agent's context for interpretation.
Audit Metadata