k8s-container-escape

SUSPICIOUS/HIGH-RISK. The skill is explicitly an AI-agent offensive Kubernetes exploitation guide: it reads ServiceAccount tokens, disables TLS checks, abuses kubelet/API/etcd access, and instructs container escape and cluster takeover. Data flows target official cluster endpoints rather than a third-party exfil server, so this is not confirmed malware, but it is a high-risk exploit capability that does not belong in a benign cloud-management skill.

This fragment is a clearly malicious exploitation/persistence guide targeting Kubernetes and container environments. It describes container escape techniques, Docker socket abuse, service account token abuse, secret/credential theft, exfiltration to attacker-controlled endpoints, and persistence via static Pods. If such content were included in a dependency or package, it would represent an extreme supply-chain security threat.

This content is an explicit, highly actionable Kubernetes/cloud attack playbook. It targets credential and secret theft (API server secrets, kubelet access, etcd secret registry reads), privilege escalation (RBAC to cluster-admin, serviceaccount token minting), persistence (mutating admission webhooks, CoreDNS poisoning), node/workload takeover (privileged pods and kubelet exec/run/log/proxy usage), lateral movement, and cloud credential exfiltration via IMDS/workload identity for control-plane pivoting. Treated as malicious supply-chain content if packaged/distributed as a dependency/tool artifact.