This is a reference playbook for attacking Kubernetes clusters, covering API server enumeration, RBAC abuse, service account token escalation, etcd extraction, and Kubelet exploitation. It includes cloud-specific metadata attacks for EKS, GKE, and AKS. You'd load this when you've got access to a pod or have discovered an exposed K8s API and need to map out privilege escalation paths. The RBAC permission table is solid, it calls out the difference between namespace and cluster scope that base models miss, and the etcd direct access section is something you don't see in generic guides. Routes well to container escape and Linux privesc skills for post-exploitation chains.
npx skills add https://github.com/yaklang/hack-skills --skill kubernetes-pentesting