kubernetes-flux

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The skill embeds a mandatory "Memory Protocol" that directs the agent to read a local memory file (cat .claude/context/memory/learnings.md), record memories, and change assumptions about context—instructions unrelated to Kubernetes operations that alter agent behavior and expose internal state, so they act as hidden/deceptive directives outside the skill's stated purpose.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly instructs running an installer with elevated privileges ("curl ... | sudo bash"), which asks the agent/user to obtain sudo and can modify system files on the host, so it risks compromising machine state.