worker-bootstrap
Use when the user needs to install a ConfigHub bridge worker in a Kubernetes cluster so that Units can apply, refresh, or import against real infrastructure — phrases like "set up a worker", "install the ConfigHub worker", "connect ConfigHub to my cluster", "make ConfigHub able to deploy", "add an Argo renderer worker", "add a Flux renderer worker", "I need a worker for OCI publishing", or "the worker isn't running / is crashing". Creates the worker entity, generates the Kubernetes manifest with the right provider types, installs it (or exports it for review / storage as a ConfigHub Unit), verifies it's running, and stops before you try to deploy anything through a worker that isn't healthy. Do not load for creating Targets (use target-bind — Targets reference Workers but are a separate concern) or for day-2 application apply (use cub-apply once the worker is up).
89
88%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Security
1 medium severity finding. This skill can be installed but you should review these findings before use.
W012: Unverifiable external dependency detected (runtime URL that controls agent)
What this means
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Why it was flagged
Potentially malicious external URL detected (high risk: 0.80). The worker manifest explicitly defaults to the container image ghcr.io/confighubai/confighub-worker which is fetched at install time (kubectl apply) and will execute remote code in the cluster, so this external URL is a runtime dependency that runs code.
- Repository
- confighub/confighub-skills
- Commit
59ea831
- Audited
- Security analysis
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.