securing-kubernetes-on-cloud
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches configuration files and helm charts for security monitoring and benchmarking tools from reputable repositories.
- Evidence:
helm repo add falcosecurity https://falcosecurity.github.io/chartsused for runtime threat detection. - Evidence:
kubectl apply -f https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job-eks.yamlused for CIS benchmarking. - [COMMAND_EXECUTION]: Instructs the agent to execute administrative CLI commands to configure Kubernetes resources and cloud provider IAM settings.
- Evidence: Orchestrates actions using
kubectl,eksctl,gcloud, andazto implement workload identity and network policies. - Context: These operations are consistent with the skill's purpose of cloud infrastructure hardening.
Audit Metadata