k8s-storage-exploit

Warn

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs a variety of shell commands, including mount and find, to identify misconfigured storage and ssh to create remote network tunnels.
  • [CREDENTIALS_UNSAFE]: Instructions explicitly guide the agent to locate and extract high-value credentials, such as /etc/shadow, private SSH keys, and Kubernetes Secrets.
  • [EXTERNAL_DOWNLOADS]: The skill references the nfs-cat tool from an external GitHub repository (sahlberg/libnfs) as a means to spoof user identities and bypass standard file permissions.
  • [DATA_EXFILTRATION]: The skill details the use of SSH remote port forwarding (ssh -R) in conjunction with sensitive file access, providing a mechanism for exfiltrating data to external servers.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 22, 2026, 10:07 AM