[reubenlavin]

I’m particularly interested in the disable-model-invocation: true safety on /exec and /cleanup. It addresses the biggest hurdle for AI in infra: the fear of an agent hallucinating a delete or exec command in the wrong context.

[andres]

In addition the skills teach the agent about which kubectl commands are mutating so it doesn’t treat them and normal Bash() commands and asks you for permission first.