oke-multihome-deployer
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches a Multus CNI deployment manifest from the official
k8snetworkplumbingwgGitHub repository. This is a standard and well-known source for Kubernetes networking components. - [COMMAND_EXECUTION]: The
discover-oke-multihome.pyscript usessubprocess.runto executeociandkubectlcommands. These calls are implemented using argument lists, which is a secure practice that prevents shell injection vulnerabilities. - [REMOTE_CODE_EXECUTION]: The workflow involves applying a remote Kubernetes manifest to the cluster. This is the intended primary purpose of the skill for installing the Multus daemonset and is handled via established community sources.
- [DATA_EXFILTRATION]: The skill queries OCI tenancy and Kubernetes cluster metadata (OCIDs, subnet CIDRs, node names). This information is processed locally to generate deployment manifests and is not exfiltrated to untrusted external domains.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a data ingestion surface by reading outputs from cloud APIs and Kubernetes commands. However, the risk is minimized as the data is parsed as structured JSON/YAML and the skill is authored by the platform vendor.
Audit Metadata