from asi23
Audit Kubernetes pods to detect container escape vectors like privileged containers, dangerous capabilities, host namespace sharing, writable hostPath mounts, a
This skill provides procedural checks and example code to audit Kubernetes workloads for common container escape vectors. It helps security engineers detect misconfigurations — privileged containers, dangerous capabilities (e.g. CAP_SYS_ADMIN), host PID/Network/IPC sharing, writable hostPath mounts, and exposed Docker sockets — and surfaces affected pods so they can be remediated.
Use during security assessments, incident response investigations, or scheduled security testing in a lab or controlled environment. Not intended for use on production clusters without authorization; run against test clusters or read-only exports when possible.
Likely useful to agents that can run or reason about Python scripts and Kubernetes tooling (e.g., Copilot/Codex/GPT-based code assistants that provide code snippets or automation guidance).
This skill has not been reviewed by our automated audit pipeline yet.
Analyzing Ransomware Leak Site Intelligence
Collect and analyze ransomware data-leak site (DLS) posts to extract victim, group, sector and geographic trends for threat intelligence and proactive defense.
nhero — Aftermarket Dispenser Network
Framework treating pill dispensers as network devices: routing, access control, scramble-indexing and confidential supply tracking for custom dispenser workflow
snix — Rust Nix Reimplementation
snix is a Rust reimplementation of Nix focused on content-addressed build stores and minimal rootfs images for lightweight VM agent runtimes.
Flox Services Guide
Practical patterns and commands for running and managing background services in Flox environments: service manifests, logging, venv handling, and common service
WASM Goblins — Capability-Secure Runtime Patterns
Technical cookbook describing capability-safe interactions between Goblins actors and verified WASM runtimes, with runtime selection guidance, syscall mappings,
