test(translator): tighten skills security context assertions

go/core/internal/controller/translator/agent/manifest_builder.go

@@ -297,7 +297,7 @@ func buildPodRuntime(
 	volumeMounts = append(volumeMounts, manifestCtx.deployment.VolumeMounts...)
 
 	needCodeExecIsolation := cfg != nil && cfg.GetExecuteCode()
-	initContainers, skillsInitCM, err := buildSkillsRuntime(manifestCtx, &sharedEnv, &volumes, &volumeMounts, &needCodeExecIsolation)
+	initContainers, skillsInitCM, err := buildSkillsRuntime(manifestCtx, &sharedEnv, &volumes, &volumeMounts)
 	if err != nil {
 		return nil, err
 	}
@@ -387,7 +387,6 @@ func buildSkillsRuntime(
 	sharedEnv *[]corev1.EnvVar,
 	volumes *[]corev1.Volume,
 	volumeMounts *[]corev1.VolumeMount,
-	needCodeExecIsolation *bool,
 ) ([]corev1.Container, *corev1.ConfigMap, error) {
 	spec := manifestCtx.agent.GetAgentSpec()
 	if spec.Skills == nil {
@@ -400,7 +399,6 @@ func buildSkillsRuntime(
 		return nil, nil, nil
 	}
 
-	*needCodeExecIsolation = true
 	*sharedEnv = append(*sharedEnv, corev1.EnvVar{
 		Name:  env.KagentSkillsFolder.Name(),
 		Value: "/skills",

go/core/internal/controller/translator/agent/security_context_test.go

@@ -275,10 +275,8 @@ func TestSecurityContext_OnlyContainerSecurityContext(t *testing.T) {
 	assert.Equal(t, int64(3000), *containerSecurityContext.RunAsGroup)
 }
 
-// TestSecurityContext_SkillsDefaultPrivilegedSandbox verifies that when skills are
-// configured and the user has NOT set any securityContext (i.e., no PSS restriction),
-// the controller sets Privileged=true so that srt/bubblewrap can fully sandbox the BashTool.
-func TestSecurityContext_SkillsDefaultPrivilegedSandbox(t *testing.T) {
+// TestSecurityContext_SkillsNoPrivileged verifies that skills alone do not produce any security context.
+func TestSecurityContext_SkillsNoPrivileged(t *testing.T) {
 	ctx := context.Background()
 
 	agent := &v1alpha2.Agent{
@@ -294,7 +292,6 @@ func TestSecurityContext_SkillsDefaultPrivilegedSandbox(t *testing.T) {
 			Declarative: &v1alpha2.DeclarativeAgentSpec{
 				SystemMessage: "Test agent",
 				ModelConfig:   "test-model",
-				// No Deployment.SecurityContext set — default behaviour
 			},
 		},
 	}
@@ -338,19 +335,10 @@ func TestSecurityContext_SkillsDefaultPrivilegedSandbox(t *testing.T) {
 	require.NotNil(t, deployment)
 	podTemplate := &deployment.Spec.Template
 
-	containerSecurityContext := podTemplate.Spec.Containers[0].SecurityContext
-	require.NotNil(t, containerSecurityContext, "SecurityContext should be created for sandbox")
-	// Without an explicit AllowPrivilegeEscalation=false constraint, skills trigger Privileged=true
-	// so that srt/bubblewrap can use kernel namespaces for full BashTool sandboxing.
-	require.NotNil(t, containerSecurityContext.Privileged, "Privileged should be set when no securityContext restriction")
-	assert.True(t, *containerSecurityContext.Privileged, "Privileged should be true for skills without PSS restrictions")
+	assert.Nil(t, podTemplate.Spec.Containers[0].SecurityContext, "skills must not set a security context")
 }
 
-// TestSecurityContext_SkillsPSSRestricted verifies that when a user explicitly sets
-// AllowPrivilegeEscalation=false (PSS Restricted profile), adding skills does NOT
-// force Privileged=true — which Kubernetes rejects as an invalid combination.
-// srt (Anthropic Sandbox Runtime) falls back to unprivileged user-namespace sandboxing
-// on modern kernels (EKS, GKE) that have unprivileged_userns_clone enabled.
+// TestSecurityContext_SkillsPSSRestricted verifies that AllowPrivilegeEscalation=false is preserved and skills do not override it.
 func TestSecurityContext_SkillsPSSRestricted(t *testing.T) {
 	ctx := context.Background()
 

go/core/internal/controller/translator/agent/testdata/outputs/agent_with_git_skills.json

@@ -243,9 +243,6 @@
                     "memory": "384Mi"
                   }
                 },
-                "securityContext": {
-                  "privileged": true
-                },
                 "volumeMounts": [
                   {
                     "mountPath": "/config",

go/core/internal/controller/translator/agent/testdata/outputs/agent_with_skills.json

@@ -243,9 +243,6 @@
                     "memory": "684Mi"
                   }
                 },
-                "securityContext": {
-                  "privileged": true
-                },
                 "volumeMounts": [
                   {
                     "mountPath": "/config",