[sshine]

You probably don't want either a fully functioning remote shell, or a malleable filesystem for injecting one, since that's precisely the kind of environment that is great for infiltrators to make a pod do something it's not intended to.

[shabble]

if you have a common base system it might be possible to copy/rsync/untar the tools you need and then use them. Ideally you'd want to restart the container/pod once you're done to ensure the tools aren't left around, or their presence causes other weird issues.