bk-cli-bcs
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to construct and execute commands via the
bk-clibinary to interact with the BlueKing Container Service (BCS) API. This is the primary and intended function of the skill. - [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection as it interpolates user-provided parameters (such as cluster IDs, node IPs, and JSON bodies) into shell commands. However, the skill provides mitigation strategies for the agent, such as using the
--dry-runflag to verify the generated request before execution and using-h --body-schemato validate data structures.
Audit Metadata