kubestellar-console

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of an external binary tool (kc-agent) using the Homebrew package manager from the kubestellar/tap repository.
  • [COMMAND_EXECUTION]: The instructions direct the user to execute shell commands to install and initialize an MCP (Model Context Protocol) server. This server bridges the user's local Kubernetes configuration to the AI agent.
  • [DATA_EXFILTRATION]: The skill identifies a potential data exposure risk where an AI agent could access sensitive Kubernetes objects (such as Secrets) if the active kubeconfig context has excessive permissions. It provides detailed remediation steps using Kubernetes ServiceAccounts and read-only ClusterRoles to mitigate this risk.
  • [PROMPT_INJECTION]: The skill describes an indirect prompt injection surface. Because the agent processes live data from Kubernetes clusters (including resource manifests and logs), malicious data existing within the cluster could potentially influence the agent's logic. The skill references external security documentation for mitigating agent drift.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 06:23 PM
Security Audit — agent-trust-hub — kubestellar-console