Description
What happened:
We identified that the usage of hostPID in your Kubernetes manifest enables unauthorized namespace access and container introspection. Processes inside the container can observe or interfere with other workloads running on the node, violating container isolation.
We provide supporting evidence from Kubernetes Pod Security Standards (Baseline & Restricted) and https://github.com/BishopFox/badPods/tree/main/manifests/hostpid, which explicitly discourage hostPID: true unless absolutely required, due to the risk of privilege escalation and information disclosure.
litmus/monitoring/utils/metrics-exporters-with-service-monitors/node-exporter/daemonset.yaml
Line 74 in 92e8e95
hostPID: true
What you expected to happen:
Where can this issue be corrected? (optional)
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
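A check for the setting reported above, as an added example that is not part of the original issue or the project's code: it walks manifests in JSON form (for instance the output of `kubectl get -o json`) and reports every workload whose pod spec enables a host namespace, generalizing from hostPID to the hostIPC and hostNetwork fields that the Pod Security Standards Baseline profile restricts alongside it. The function name, the sample object names and the sample manifest are constructed for illustration.

```python
import json

# Fields restricted by the Pod Security Standards "Host Namespaces" control (Baseline).
HOST_NS_FIELDS = ("hostPID", "hostIPC", "hostNetwork")

# Path from the object root to its pod spec, per workload kind.
POD_SPEC_PATHS = {
    "Pod": ("spec",),
    "Deployment": ("spec", "template", "spec"),
    "DaemonSet": ("spec", "template", "spec"),
    "StatefulSet": ("spec", "template", "spec"),
    "ReplicaSet": ("spec", "template", "spec"),
    "Job": ("spec", "template", "spec"),
    "CronJob": ("spec", "jobTemplate", "spec", "template", "spec"),
}

def find_host_namespace_use(obj):
    """Return (kind, name, field) for every host namespace a manifest enables."""
    if obj.get("kind") == "List":
        return [hit for item in obj.get("items", [])
                for hit in find_host_namespace_use(item)]
    spec = obj
    for key in POD_SPEC_PATHS.get(obj.get("kind"), ()):
        spec = spec.get(key) or {}
    if spec is obj:  # kind without a pod spec (ConfigMap, Service, ...)
        return []
    name = obj.get("metadata", {}).get("name", "<unnamed>")
    # Only an explicit boolean true counts; absent or false is compliant.
    return [(obj["kind"], name, f) for f in HOST_NS_FIELDS if spec.get(f) is True]

# Constructed sample input (hypothetical names), not the manifest from the issue.
SAMPLE = json.loads("""
{"kind": "List", "items": [
  {"kind": "DaemonSet", "metadata": {"name": "example-exporter"},
   "spec": {"template": {"spec": {"hostPID": true, "hostNetwork": false,
            "containers": [{"name": "exporter", "image": "example/exporter"}]}}}},
  {"kind": "Deployment", "metadata": {"name": "example-web"},
   "spec": {"template": {"spec": {"containers": [{"name": "web", "image": "example/web"}]}}}},
  {"kind": "CronJob", "metadata": {"name": "example-job"},
   "spec": {"jobTemplate": {"spec": {"template": {"spec": {"hostIPC": true,
            "containers": [{"name": "job", "image": "example/job"}]}}}}}}
]}
""")

if __name__ == "__main__":
    for kind, name, field in find_host_namespace_use(SAMPLE):
        print(f"{kind}/{name}: {field}: true (PSS Baseline: Host Namespaces)")
```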