kube-medic

clawhub:kube-medic

View source

92/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

92/100

MEDIUM 1

LOW 1

Findings (2)

MEDIUM

Conversation history poisoning PROMPT_INJECTION_007

prompt-injection L177

Detects fake conversation history injection

User: Yes

FIX

Remove social engineering language that attempts to manipulate the agent through urgency, emotional appeals, or authority claims.

FP?

Likely FP if the matched text is part of a legitimate skill description that uses urgency language for user-facing features (e.g., an incident response tool).

LOW

Shell script file execution CMDEXEC_013

command-execution L21

Detects execution of shell script files via bash/sh command or direct invocation

bash scripts/kube-medic.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.