Detects Kubernetes container escape attempts by checking privileged mode, dangerous capabilities, host namespace sharing, risky hostPath mounts, and cgroup abuses like CVE-2022-0492 using Python Kubernetes client. For auditing cluster security.
Slash command: /cybersecurity-skills-zh:performing-container-escape-detection
Skill summary (the text Claude sees when deciding whether to load this skill): Audits Kubernetes Pods for container escape vectors, including privileged mode, dangerous capabilities, host namespace sharing, and writable hostPath mounts.
    # Walk every Pod in the cluster and flag containers running in privileged mode.
    from kubernetes import client, config

    config.load_kube_config()
    v1 = client.CoreV1Api()
    pods = v1.list_pod_for_all_namespaces()
    for pod in pods.items:
        for container in pod.spec.containers:
            sc = container.security_context
            # security_context is None when the manifest sets nothing.
            if sc and sc.privileged:
                print(f"Privileged container: {pod.metadata.namespace}/{pod.metadata.name}")
Main escape vectors:
    # Check for a mounted Docker socket: a container that can talk to the host's
    # dockerd can start a privileged container of its own. Reuses `pods` from above.
    for pod in pods.items:
        for vol in pod.spec.volumes or []:
            if vol.host_path and "docker.sock" in (vol.host_path.path or ""):
                print(f"Exposed Docker socket: {pod.metadata.namespace}/{pod.metadata.name}")
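The two snippets above only cover privileged mode and the Docker socket. The example below is added here and is not the skill's own code; it covers the full set of vectors the skill description lists (privileged mode, dangerous added capabilities, hostPID/hostNetwork/hostIPC, risky hostPath mounts and their read/write mode, and the CAP_SYS_ADMIN plus writable cgroup combination behind release_agent escapes such as CVE-2022-0492). It works on a Pod in the plain JSON/dict shape of the Kubernetes API (what `kubectl get pod -o json` prints) so it runs offline; the two sample Pods, the capability list and the hostPath list are constructed for this example and are the author's choices, not values taken from the skill.

```python
from __future__ import annotations

import posixpath

# Capabilities that, on their own or combined with a mount, give a path to the node.
# This list is a judgement call for the example, not an official Kubernetes list.
DANGEROUS_CAPS = {
    "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "DAC_READ_SEARCH", "DAC_OVERRIDE",
    "NET_ADMIN", "SYS_RAWIO", "BPF", "SYS_BOOT",
}

# hostPath prefixes that expose the node: runtime sockets give control of the
# container runtime, /proc and /sys expose kernel interfaces, / and /etc the
# node filesystem, /var/lib/kubelet other pods' volumes and credentials.
RISKY_HOST_PATHS = (
    "/", "/etc", "/proc", "/sys", "/root", "/var/lib/kubelet",
    "/var/run/docker.sock", "/run/docker.sock",
    "/run/containerd/containerd.sock", "/var/run/crio/crio.sock",
)


def _norm_cap(cap: str) -> str:
    """Kubernetes accepts 'SYS_ADMIN', 'CAP_SYS_ADMIN' or lower case; normalise."""
    return cap.upper().removeprefix("CAP_")


def _overlaps(a: str, b: str) -> bool:
    """True if one normalised path is the other or lies beneath it."""
    a, b = posixpath.normpath(a), posixpath.normpath(b)
    return a == b or a == "/" or b == "/" or a.startswith(b + "/") or b.startswith(a + "/")


def _risky_host_path(path: str) -> bool:
    path = posixpath.normpath(path)
    if path == "/":
        return True
    return any(path == p or path.startswith(p + "/") for p in RISKY_HOST_PATHS if p != "/")


def audit_pod(pod: dict) -> list[str]:
    """Return one finding string per escape-relevant setting in a Pod dict."""
    spec = pod.get("spec") or {}
    meta = pod.get("metadata") or {}
    name = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
    findings: list[str] = []

    # Host namespaces: hostPID exposes node processes (and their /proc/<pid>/root),
    # hostNetwork the node's interfaces and localhost services, hostIPC its shm.
    for flag in ("hostPID", "hostNetwork", "hostIPC"):
        if spec.get(flag):
            findings.append(f"{name}: {flag}=true")

    # volume name -> host path, so volumeMounts can be resolved per container.
    host_vols = {v["name"]: v["hostPath"]["path"]
                 for v in spec.get("volumes") or [] if v.get("hostPath")}

    # initContainers escape just as well as regular containers.
    containers = (spec.get("initContainers") or []) + (spec.get("containers") or [])
    for c in containers:
        cname = f"{name}/{c['name']}"
        sc = c.get("securityContext") or {}
        caps = {_norm_cap(x) for x in (sc.get("capabilities") or {}).get("add") or []}
        privileged = bool(sc.get("privileged"))

        if privileged:
            findings.append(f"{cname}: privileged=true")
        if "ALL" in caps:
            findings.append(f"{cname}: adds ALL capabilities")
        for cap in sorted(caps & DANGEROUS_CAPS):
            findings.append(f"{cname}: adds CAP_{cap}")

        writable_cgroup = False
        for m in c.get("volumeMounts") or []:
            hp = host_vols.get(m["name"])
            if hp is None:          # emptyDir, configMap, secret, PVC ... not a hostPath
                continue
            mode = "ro" if m.get("readOnly") else "rw"
            if _risky_host_path(hp):
                findings.append(f"{cname}: hostPath {hp} mounted {mode} at {m['mountPath']}")
            if mode == "rw" and _overlaps(hp, "/sys/fs/cgroup"):
                writable_cgroup = True

        # A writable cgroup v1 hierarchy plus CAP_SYS_ADMIN lets the container point
        # release_agent at a binary the host then runs as root; CVE-2022-0492 was
        # the kernel forgetting to require CAP_SYS_ADMIN for that write. A manifest
        # cannot tell whether the node kernel is patched, so only the capability
        # combination is reported.
        if writable_cgroup and (privileged or caps & {"SYS_ADMIN", "ALL"}):
            findings.append(f"{cname}: CAP_SYS_ADMIN with writable cgroup hierarchy "
                            "(release_agent escape, cf. CVE-2022-0492)")
    return findings


# Constructed sample Pods (not from any real cluster).
RISKY_POD = {
    "metadata": {"name": "debug-shell", "namespace": "ops"},
    "spec": {
        "hostPID": True,
        "volumes": [
            {"name": "dock", "hostPath": {"path": "/var/run/docker.sock"}},
            {"name": "cg", "hostPath": {"path": "/sys/fs/cgroup"}},
            {"name": "tmp", "emptyDir": {}},
        ],
        "containers": [{
            "name": "shell", "image": "busybox",
            "securityContext": {"capabilities": {"add": ["CAP_SYS_ADMIN", "net_admin"]}},
            "volumeMounts": [
                {"name": "dock", "mountPath": "/var/run/docker.sock"},
                {"name": "cg", "mountPath": "/host/cgroup"},
                {"name": "tmp", "mountPath": "/tmp"},
            ],
        }],
    },
}
SAFE_POD = {
    "metadata": {"name": "web", "namespace": "prod"},
    "spec": {
        "volumes": [{"name": "logs", "hostPath": {"path": "/var/log"}}],
        "containers": [{
            "name": "app", "image": "nginx",
            "securityContext": {"allowPrivilegeEscalation": False,
                                "capabilities": {"drop": ["ALL"]}},
            "volumeMounts": [{"name": "logs", "mountPath": "/logs", "readOnly": True}],
        }],
    },
}

if __name__ == "__main__":
    for finding in audit_pod(RISKY_POD) + audit_pod(SAFE_POD):
        print(finding)
```

To run it against a live cluster with the snippets above, convert each model object to the dict shape first: `client.ApiClient().sanitize_for_serialization(pod)` on an item from `list_pod_for_all_namespaces()` returns the same JSON structure this function reads (an assumption about the client's serializer, not something the skill itself does). The read-only flag matters for the verdict, so the check is done per volumeMount rather than per volume: a hostPath declared once can be mounted read-only in one container and read-write in another.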
Install with: npx claudepluginhub killvxk/cybersecurity-skills-zh