detecting-privilege-escalation-in-kubernetes-pods

Community

Detect Kubernetes pod privilege escalation.

Author: YukiIto1999
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Privilege escalation in Kubernetes pods occurs when containers gain elevated access, enabling host compromise or broader cluster impact. This skill provides a framework to detect and prevent such misconfigurations by inspecting securityContext fields, capabilities, host namespace usage, and related indicators.

Core Features & Use Cases

  • Inspect pod security contexts (privileged, runAsUser, allowPrivilegeEscalation) across pods and init containers
  • Detect dangerous capabilities and host-level access (hostPID, hostNetwork, hostIPC)
  • Provide guidance for prevention (admission controls, Falco rules, and audit policy references) and for investigation
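The checks listed above can be sketched as a small offline audit over pod specs. This is an added example, not the skill's own script; the function names, the `DANGEROUS_CAPS` set and the sample PodList are assumptions constructed for illustration.

```python
import json

# Assumption of this example: which added capabilities count as dangerous.
DANGEROUS_CAPS = {"ALL", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "NET_ADMIN"}
HOST_FIELDS = ("hostPID", "hostNetwork", "hostIPC")

def audit_pod(pod):
    """Return (location, finding) tuples for one Pod object (parsed JSON)."""
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    spec = pod.get("spec") or {}
    pod_sc = spec.get("securityContext") or {}
    findings = [(name, f"{f}=true") for f in HOST_FIELDS if spec.get(f) is True]
    for kind in ("initContainers", "containers"):
        for c in spec.get(kind) or []:
            sc = c.get("securityContext") or {}
            where = f"{name}/{kind}/{c.get('name')}"
            if sc.get("privileged") is True:
                findings.append((where, "privileged=true"))
            # Only an explicit false is accepted; an unset field is flagged too.
            if sc.get("allowPrivilegeEscalation") is not False:
                findings.append((where, "allowPrivilegeEscalation not false"))
            # A container-level runAsUser overrides the pod-level value.
            uid = sc["runAsUser"] if "runAsUser" in sc else pod_sc.get("runAsUser")
            if uid == 0:
                findings.append((where, "runAsUser=0"))
            for cap in (sc.get("capabilities") or {}).get("add") or []:
                short = cap.upper()
                short = short[4:] if short.startswith("CAP_") else short
                if short in DANGEROUS_CAPS:
                    findings.append((where, f"capability {short} added"))
    return findings

def audit_pods(pod_list):
    """Map pod name -> findings, keeping only pods with at least one finding."""
    report = {p["metadata"]["name"]: audit_pod(p) for p in pod_list.get("items", [])}
    return {name: f for name, f in report.items() if f}

# Constructed sample in the shape of a PodList (`kubectl get pods -A -o json`).
SAMPLE = json.loads("""{"items": [
 {"metadata": {"name": "web"}, "spec": {"securityContext": {"runAsUser": 1000},
  "containers": [{"name": "app", "securityContext":
    {"allowPrivilegeEscalation": false, "capabilities": {"drop": ["ALL"]}}}]}},
 {"metadata": {"name": "debug"}, "spec": {"hostPID": true,
  "securityContext": {"runAsUser": 1000},
  "initContainers": [{"name": "setup", "securityContext": {"privileged": true}}],
  "containers": [{"name": "tool", "securityContext": {"runAsUser": 0,
    "allowPrivilegeEscalation": false, "capabilities": {"add": ["CAP_SYS_ADMIN"]}}}]}}
]}""")

if __name__ == "__main__":
    for findings in audit_pods(SAMPLE).values():
        for where, what in findings:
            print(f"{where}: {what}")
```
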

Quick Start

Run the agent to audit pods across your cluster and generate a report.

Dependency Matrix

Required Modules

None required

Components

scripts, references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: detecting-privilege-escalation-in-kubernetes-pods
Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#detecting-privilege-escalation-in-kubernetes-pods

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.