Ensure not directly use kubectl in script
The kubectl apply command applies changes made to IAC files and uses superuser privileges to sync Kubernetes infrastructure. A vector attack could involve injecting code into Kubernetes and abusing superuser privileges.
Risk Level: medium
Platform: Github
Spectral Rule ID: GHAC011
REMEDIATION
Remove 'kubectl' command
Read more:
Updated about 1 year ago