oke-multihome-deployer

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches a Multus CNI deployment manifest from the official k8snetworkplumbingwg GitHub repository. This is a standard and well-known source for Kubernetes networking components.
  • [COMMAND_EXECUTION]: The discover-oke-multihome.py script uses subprocess.run to execute oci and kubectl commands. These calls are implemented using argument lists, which is a secure practice that prevents shell injection vulnerabilities.
  • [REMOTE_CODE_EXECUTION]: The workflow involves applying a remote Kubernetes manifest to the cluster. This is the intended primary purpose of the skill for installing the Multus daemonset and is handled via established community sources.
  • [DATA_EXFILTRATION]: The skill queries OCI tenancy and Kubernetes cluster metadata (OCIDs, subnet CIDRs, node names). This information is processed locally to generate deployment manifests and is not exfiltrated to untrusted external domains.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a data ingestion surface by reading outputs from cloud APIs and Kubernetes commands. However, the risk is minimized as the data is parsed as structured JSON/YAML and the skill is authored by the platform vendor.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 10:47 AM
Security Audit — agent-trust-hub — oke-multihome-deployer