
feat(skill): add kubernetes rbac review #2598

Closed

452740336 wants to merge 1 commit into UnitOneAI:main from 452740336:codex/kubernetes-rbac-review-skill

Conversation

@452740336


What This PR Does

Adds a new kubernetes-rbac-review Cloud/Kubernetes authorization skill for issue #254.

The skill covers:

  • wildcard verbs/resources/API groups in Roles and ClusterRoles
  • unsafe ClusterRoleBindings and cluster-admin bindings
  • escalation-sensitive verbs: bind, escalate, and impersonate
  • secret enumeration, workload-creation escalation, service-account token creation, and dangerous subresources
  • RBAC aggregation behavior through aggregationRule and aggregate-to-* labels
  • default service-account and automountServiceAccountToken hardening checks
  • 3 vulnerable fixtures and 3 benign fixtures
  • a lightweight verification script for the skill assets
  • index.yaml registration

This contribution was prepared with Codex assistance and reviewed locally against the repository's validation expectations.

Framework References

  • Kubernetes documentation: Using RBAC Authorization
  • Kubernetes documentation: Role Based Access Control Good Practices
  • CIS Kubernetes Benchmark v1.9.0 RBAC policy domain
  • CWE-269: Improper Privilege Management

Testing

Validated locally with:

452740336 requested a review from kamalsrini as a code owner, June 15, 2026 03:01
github-actions Bot added the needs-approved-issue label (PR has no linked maintainer-approved issue), Jun 15, 2026
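The checks the PR description lists, as an added example that is not the PR's skill code or its fixtures: a small Python reviewer over Kubernetes RBAC objects already parsed into dicts (the shape PyYAML or the API server would return), flagging wildcards, bind/escalate/impersonate, Secret reads, workload creation, token/exec subresources, aggregation and cluster-admin ClusterRoleBindings. The finding codes and the fixtures are constructed for this example.

```python
# Added example (not the PR's skill code): a minimal reviewer over parsed
# Kubernetes RBAC manifests, given as dicts in the shape PyYAML/kubectl produce.
ESCALATION_VERBS = {"bind", "escalate", "impersonate"}
WRITE_VERBS = {"create", "update", "patch"}
WORKLOADS = {"pods", "deployments", "daemonsets", "statefulsets", "jobs", "cronjobs"}
RISKY_SUBRESOURCES = {"serviceaccounts/token", "pods/exec", "pods/attach"}
AGG_PREFIX = "rbac.authorization.k8s.io/aggregate-to-"
def review_rule(rule):
    """Finding codes for one PolicyRule of a Role/ClusterRole."""
    verbs, res = set(rule.get("verbs", [])), set(rule.get("resources", []))
    findings = set()
    if "*" in verbs or "*" in res or "*" in rule.get("apiGroups", []):
        findings.add("WILDCARD")  # '*' anywhere collapses least privilege
    if verbs & ESCALATION_VERBS:
        findings.add("ESCALATION_VERB")  # bind/escalate/impersonate bypass RBAC limits
    if "secrets" in res and verbs & {"get", "list", "watch"}:
        findings.add("SECRET_READ")  # list/watch expose every Secret in scope
    if res & WORKLOADS and verbs & WRITE_VERBS:
        findings.add("WORKLOAD_CREATE")  # new workloads can run as any SA in scope
    if res & RISKY_SUBRESOURCES and "create" in verbs:
        findings.add("DANGEROUS_SUBRESOURCE")  # TokenRequest / exec / attach
    return findings

def review(objects):
    """Sorted (kind/name, finding) pairs for a list of RBAC objects."""
    out = set()
    for obj in objects:
        kind, meta = obj.get("kind"), obj.get("metadata", {})
        ident = f"{kind}/{meta.get('name')}"
        if kind in ("Role", "ClusterRole"):
            for rule in obj.get("rules", []):
                out.update((ident, f) for f in review_rule(rule))
            if kind == "ClusterRole" and "aggregationRule" in obj:
                out.add((ident, "AGGREGATES_FROM"))  # pulls rules in by label selector
            if any(k.startswith(AGG_PREFIX) for k in meta.get("labels", {})):
                out.add((ident, "AGGREGATES_INTO"))  # rules flow into admin/edit/view
        elif kind == "ClusterRoleBinding" and obj.get("roleRef", {}).get("name") == "cluster-admin":
            out.add((ident, "CLUSTER_ADMIN_BINDING"))  # cluster-wide full control
    return sorted(out)
# Constructed fixtures (not the PR's): two vulnerable objects, one benign.
FIXTURES = [
    {"kind": "ClusterRole", "metadata": {"name": "everything"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "sa-admin"},
     "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "default", "namespace": "default"}]},
    {"kind": "Role", "metadata": {"name": "cm-reader", "namespace": "dev"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get"]}]},
]
```

`review(FIXTURES)` reports the wildcard ClusterRole and the cluster-admin binding and stays silent on the ConfigMap reader; a `"*"` verb is reported only as WILDCARD, so callers should treat that code as covering every other check.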
@github-actions


Thanks for the submission! 🙏 SecuritySkills is now issue-first: contributions need a linked issue that a maintainer has marked approved before a PR is opened.

Please open an issue describing the skill, wait for the approved label, then reopen this PR with Closes #<issue> in the description. The PR template lists everything we'll look for (including an independently runnable reproduction).

@github-actions github-actions Bot closed this Jun 15, 2026