The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill instructs the agent to automatically search all pod environment variables and ConfigMaps across all namespaces to identify service dependencies. This process retrieves and exposes all environment data to the agent's context, which often includes sensitive connection strings, API keys, and other secrets.
[COMMAND_EXECUTION]: The skill uses background shell processes (kubectl logs -f ... &) to stream logs to local files. It tracks these processes using PID files in /tmp/ and performs manual cleanup by killing the recorded process IDs.
[PROMPT_INJECTION]: The test-prompt.md file contains instructions to 'automatically execute all steps without confirmation'. This encourages the agent to bypass the safety check described in SKILL.md (Step 3b), where the user is intended to manually confirm auto-discovered dependencies before analysis proceeds.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes raw application logs via kubectl logs. Since the content of these logs can be influenced by external actors or systems interacting with the monitored applications, an attacker could potentially embed malicious instructions in the logs to influence the agent's behavior during the analysis phase.
[DATA_EXFILTRATION]: The skill aggregates logs and configuration data from across the EKS cluster into a centralized report and temporary directory. While intended for analysis, this broad collection and synthesis of environment-wide data increases the risk of sensitive information being summarized in the final output.

eks-app-log-analysis