deployment-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's ArgoCD example explicitly points to an external repo (source.repoURL: https://github.com/myorg/helm-charts) and the GitHub Actions/Helm steps reference external helm repos (HELM_REPO_URL) and container registries, which means the automation will fetch and act on manifests/artifacts from third-party sources that can directly influence deployment actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The ArgoCD manifest references an external repoURL (https://github.com/myorg/helm-charts) which ArgoCD will fetch at runtime to apply Helm charts (and the GitHub Actions workflow also adds a Helm repo via ${{ secrets.HELM_REPO_URL }} and pulls images from ghcr.io/myorg/myapp), so these external URLs are fetched during runtime and result in executing deployment manifests/container images in the target cluster.