Complete Platform Agent Swarm — A coordinated multi-agent system for Kubernetes and OpenShift platform operations. Includes Orchestrator (Jarvis), Cluster Op...
Security Analysis
medium confidenceThe skill's stated purpose (coordinated cluster operations) aligns with the tools and behaviors described, but the runtime instructions imply access to highly privileged cluster and cloud credentials and suggest installing code from a third‑party GitHub repo while declaring no required credentials or install artifacts — the gaps merit caution.
The name/description (multi-agent cluster operations) matches the listed tools (kubectl, oc, argocd, helm, kustomize, cloud CLIs). However, the skill does not declare any required credentials or config paths even though legitimate operation requires kubeconfigs and cloud provider credentials; that omission is unexpected and should be explained.
SKILL.md instructs agents to read cluster state, run GitOps operations, scan images/SBOMs, and run runbooks. Those actions legitimately require access to cluster state and registries. The instructions do not explicitly reference which local files or env vars (e.g., ~/.kube/config, KUBECONFIG, AWS/GCP creds, ArgoCD tokens) will be read or required, creating ambiguity about what the agent will access at runtime.
The packaged skill is instruction-only (no install spec). The document recommends installing via 'npx skills add https://github.com/…', which would fetch and run code from a third‑party GitHub repository. Fetching runtime code from an external repo is common but increases risk if the repository is unvetted; no checksum, release tag, or verified publisher is provided.
Despite describing actions that require privileged credentials (kubeconfig, cloud provider credentials, registry credentials, ArgoCD tokens), the skill declares no required environment variables or primary credential. Asking to operate on clusters without declaring expected credentials is disproportionate and obscures what sensitive secrets the agent will need or access.
always:false (good). The metadata includes heartbeat schedules causing periodic autonomous activity; autonomous invocation is platform-default but combined with missing credential declarations and broad operational scope increases the blast radius. The skill also documents auto-subscription behavior (agents receive all comments once subscribed), which could cause persistent collection of task/comment data.
Guidance
This skill claims broad, privileged cluster control but does not declare what credentials or config paths it needs and recommends pulling code from an external GitHub repo. Before installing: (1) Review the referenced GitHub repository and the actual skill code (do not run 'npx' blindly); (2) Verify exactly which credentials and kubeconfigs the skill will use and ensure least-privilege service accounts are provided (avoid cluster-admin); (3) Run first in an isolated/staging environment and audit actions/logs; (4) Require human approval gating for any destructive operations and confirm the promised 'cannot do' guardrails are enforced in code; (5) Prefer explicit environment-variable declarations and documented auth flows (e.g., use dedicated service accounts, short-lived tokens) — if the author cannot provide these, treat the package as higher risk.
Latest Release
v0.1.0
Initial release of cluster-agent-swarm skill: a coordinated multi-agent system for Kubernetes and OpenShift platform operations. - Introduces the Swarm: 7 specialized agents (Orchestrator, Cluster Ops, GitOps, Security, Observability, Artifacts, Developer Experience) working together. - Supports major platforms: OpenShift, Kubernetes, EKS, AKS, GKE, ROSA, ARO. - Provides a comprehensive set of operational tools (e.g., kubectl, oc, argocd, helm). - Details installation options for the full swarm or individual agent skills. - Lists agent capabilities, limitations, communication patterns, and escalation paths. - Defines clear principles and staggered heartbeat schedules for reliability and cost-efficiency.
More by @kcns008
Published by @kcns008 on ClawHub
