feat(skills): add Kubernetes security testing skill #394

Open
mvanhorn wants to merge 1 commit into usestrix:main from mvanhorn:osc/324-kubernetes-security-skill

@mvanhorn

Summary

Adds strix/skills/cloud/kubernetes.md - the first skill in the cloud/ category. Covers 7 attack domains for Kubernetes cluster security testing.

Why this matters

The cloud/ directory has a .gitkeep placeholder but zero skills (#324). Strix has 17 vulnerability skills, 9 tooling skills, and 3 framework skills - but no cloud infrastructure coverage. Kubernetes is the most common container orchestration target, and agents currently lack the domain knowledge to test it.

Changes

One new file: strix/skills/cloud/kubernetes.md (218 lines)

Covers:

  • RBAC misconfigurations - wildcard verbs, cluster-admin over-grants, auto-mounted SA tokens
  • Exposed APIs - API server anonymous auth, kubelet read-only port, etcd, Dashboard
  • Container escapes - privileged containers, hostPID/hostNetwork, mounted sockets, cgroup release_agent
  • Network policy gaps - missing NetworkPolicy, egress holes, DNS tunneling
  • Secret management - base64 secrets in etcd, env var exposure, Helm release values
  • Workload misconfigs - running as root, no resource limits, allowPrivilegeEscalation
  • Supply chain risks - mutable image tags, unsigned images, unverified Helm charts

Each section includes specific kubectl commands, curl probes, and validation methods. Format matches the existing SSRF skill (the gold standard at 182 lines).

No code changes. The skill loader in strix/skills/__init__.py auto-discovers .md files in category directories.

Video Demo

Demo

Testing

No Python changes - make check-all is unaffected. The skill is a markdown knowledge package that gets injected into agent system prompts at runtime.

This contribution was developed with AI assistance (Claude Code).

Fixes #324

….md)

Add comprehensive Kubernetes cluster security testing knowledge package
covering RBAC misconfigurations, exposed APIs, container escapes,
network policy gaps, secret management issues, workload misconfigs,
and supply chain risks.

Closes usestrix#324

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@greptile-apps
Contributor

greptile-apps bot commented Mar 25, 2026

Greptile Summary

This PR adds strix/skills/cloud/kubernetes.md, the first skill in the cloud/ category, providing structured Kubernetes security testing knowledge covering 7 attack domains: RBAC misconfigurations, exposed APIs, container escapes, network policy gaps, secret management issues, workload misconfigs, and supply chain risks.

  • The file follows the expected frontmatter format (name, description) and will be correctly auto-discovered and loaded by the skill loader in strix/skills/__init__.py
  • Structure and section layout match the SSRF gold standard: Attack Surface → Key Vulnerabilities → Bypass Techniques → Testing Methodology → Validation → False Positives → Impact → Pro Tips → Summary
  • One incorrect command in the Secret Management test block: kubectl get secret <name> -o jsonpath='{.data}' | base64 -d pipes a JSON map (not a base64 string) into base64 -d, producing garbled output; should reference a specific key (e.g. .data.password) or use jq's @base64d filter
  • All other kubectl, curl, and jq commands are technically accurate and consistent with current Kubernetes API conventions
  • The cross-reference to the ssrf skill for SSRF-mediated Kubernetes access is a good design choice, keeping the skills complementary and modular

Confidence Score: 4/5

  • Safe to merge after fixing the one incorrect base64 decode command; no code or Python changes are introduced.
  • The PR is purely additive documentation with no Python changes. The skill correctly integrates with the auto-discovery loader, the format matches the established convention, and the content is accurate throughout — with one exception: the base64 -d command applied to the full .data JSON map will silently fail when an agent attempts to use it. That's the only concrete fix needed before merge.
  • strix/skills/cloud/kubernetes.md — fix the base64 -d command in the Secret Management test block

Important Files Changed

| Filename | Overview |
| --- | --- |
| strix/skills/cloud/kubernetes.md | New Kubernetes security testing skill; well-structured and follows existing conventions; one incorrect base64 -d command in the Secret Management test block |

Prompt To Fix All With AI
This is a comment left during a code review.
Path: strix/skills/cloud/kubernetes.md
Line: 109

Comment:
**`base64 -d` applied to JSON map, not a base64 string**

`kubectl get secret <name> -o jsonpath='{.data}'` returns the entire `data` map as a JSON object (e.g. `{"password":"c2VjcmV0","token":"dG9rZW4="}`). Piping that JSON blob to `base64 -d` will produce garbled output or an error, not the decoded secret values. An agent following this command verbatim would get confused.

To decode all values at once:
```suggestion
kubectl get secret <name> -o json | jq '.data | map_values(@base64d)'
```
Or to decode a specific key:
```
kubectl get secret <name> -o jsonpath='{.data.password}' | base64 -d
```

How can I resolve this? If you propose a fix, please make it concise.

Reviews (1): Last reviewed commit: "feat(skills): add Kubernetes security te..." | Re-trigger Greptile

- ConfigMaps containing credentials, API keys, connection strings
- Service account tokens auto-mounted into pods that never call the API
- Helm release secrets containing full chart values with credentials
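
Review bot: The second bullet, "Service account tokens auto-mounted into pods that never call the API", states the finding without the setting that controls it; suggest naming `automountServiceAccountToken: false` (on the ServiceAccount or the pod spec) so a report built from this list carries the remediation. The ConfigMap and Helm bullets could likewise say how a finding is confirmed, since only the locations are listed here.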

P2 `base64 -d` applied to JSON map, not a base64 string

`kubectl get secret <name> -o jsonpath='{.data}'` returns the entire `data` map as a JSON object (e.g. `{"password":"c2VjcmV0","token":"dG9rZW4="}`). Piping that JSON blob to `base64 -d` will produce garbled output or an error, not the decoded secret values. An agent following this command verbatim would get confused.

To decode all values at once:

Suggested change

```
kubectl get secret <name> -o json | jq '.data | map_values(@base64d)'
```

Or to decode a specific key:

```
kubectl get secret <name> -o jsonpath='{.data.password}' | base64 -d
```
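
The failure and the fix described in the review comment above, as an added Python example (not part of the PR or of the review bot's suggestion). The Secret JSON is a constructed sample that reuses the comment's two values and adds a hypothetical binary key `blob`; the function names are illustrative.

```python
import base64
import binascii
import json

# Constructed sample of `kubectl get secret <name> -o json` output.
SAMPLE_SECRET = json.dumps({
    "apiVersion": "v1",
    "kind": "Secret",
    "type": "Opaque",
    "metadata": {"name": "demo"},
    "data": {
        "password": "c2VjcmV0",  # value from the review comment
        "token": "dG9rZW4=",     # value from the review comment
        "blob": "//4A",          # hypothetical non-UTF-8 value
    },
})


def whole_map_is_valid_base64(secret_json: str) -> bool:
    """Mimic the flawed pipeline: hand the JSON text of .data to a base64 decoder."""
    blob = json.dumps(json.loads(secret_json)["data"])
    try:
        base64.b64decode(blob, validate=True)
        return True
    except binascii.Error:
        # '{', '"' and ':' are not in the base64 alphabet.
        return False


def decode_secret_data(secret_json: str) -> dict:
    """Decode every value in .data on its own, key by key."""
    data = json.loads(secret_json).get("data") or {}
    decoded = {}
    for key, b64_value in data.items():
        raw = base64.b64decode(b64_value, validate=True)
        try:
            decoded[key] = raw.decode("utf-8")
        except UnicodeDecodeError:
            decoded[key] = raw  # keep binary payloads as bytes
    return decoded


if __name__ == "__main__":
    print("whole map decodes:", whole_map_is_valid_base64(SAMPLE_SECRET))
    for name, value in decode_secret_data(SAMPLE_SECRET).items():
        print(f"{name}: {value!r}")
```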

Development

Successfully merging this pull request may close these issues.

skill: add Kubernetes security testing knowledge package (cloud/kubernetes.md)
