optimize-cloud-costs
Implements cloud cost optimization strategies for Kubernetes workloads, enhancing visibility and resource management to reduce spending.
Install this skill
or
37/100
Security score
The optimize-cloud-costs skill was audited on Mar 3, 2026 and we found 15 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
medium line 149
Curl to non-GitHub URL
SourceSKILL.md
| 149 | curl http://localhost:9090/model/allocation\?window\=7d | jq . |
medium line 206
Curl to non-GitHub URL
SourceSKILL.md
| 206 | curl "http://localhost:9090/model/savings/requestSizing?window=7d" | jq . > recommendations.json |
high line 229
Curl to non-GitHub URL
SourceSKILL.md
| 229 | - Check if Prometheus has node-exporter metrics: `curl http://prometheus:9090/api/v1/query?query=node_cpu_seconds_total` |
high line 428
Curl to non-GitHub URL
SourceSKILL.md
| 428 | - Ensure Prometheus has Kubecost metrics: `curl http://prometheus:9090/api/v1/query?query=kubecost_monthly_cost` |
medium line 262
Wget to non-GitHub URL
SourceSKILL.md
| 262 | "while true; do wget -q -O- http://api-server.production.svc.cluster.local; done" |
medium line 334
Webhook reference - potential data exfiltration
SourceSKILL.md
| 334 | - Verify webhook is registered: `kubectl get mutatingwebhookconfigurations vpa-webhook-config` |
medium line 429
Webhook reference - potential data exfiltration
SourceSKILL.md
| 429 | - Test alert routing: verify email/Slack webhook configuration |
low line 58
External URL reference
SourceSKILL.md
| 58 | helm repo add kubecost https://kubecost.github.io/cost-analyzer/ |
low line 75
External URL reference
SourceSKILL.md
| 75 | --set global.prometheus.fqdn="http://prometheus-server.monitoring.svc.cluster.local" \ |
low line 84
External URL reference
SourceSKILL.md
| 84 | # Open http://localhost:9090 |
low line 149
External URL reference
SourceSKILL.md
| 149 | curl http://localhost:9090/model/allocation\?window\=7d | jq . |
low line 206
External URL reference
SourceSKILL.md
| 206 | curl "http://localhost:9090/model/savings/requestSizing?window=7d" | jq . > recommendations.json |
low line 229
External URL reference
SourceSKILL.md
| 229 | - Check if Prometheus has node-exporter metrics: `curl http://prometheus:9090/api/v1/query?query=node_cpu_seconds_total` |
low line 262
External URL reference
SourceSKILL.md
| 262 | "while true; do wget -q -O- http://api-server.production.svc.cluster.local; done" |
low line 428
External URL reference
SourceSKILL.md
| 428 | - Ensure Prometheus has Kubecost metrics: `curl http://prometheus:9090/api/v1/query?query=kubecost_monthly_cost` |
Scanned on Mar 3, 2026
View Security Dashboard