Skills
skills/bagelhole/devops-security-agent-skills/helm-charts/Gen Agent Trust Hub

helm-charts

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill utilizes helm and kubectl to manage Kubernetes resources. While these are powerful administrative commands, they are consistent with the skill's primary DevOps purpose. No evidence of unauthorized or malicious command construction was found.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references the Bitnami repository (https://charts.bitnami.com/bitnami) and OCI registries. Although Bitnami is a widely used source, it is not included in the pre-defined trusted organizations list. Per standard security posture, interaction with non-whitelisted external sources is flagged.
  • [REMOTE_CODE_EXECUTION] (LOW): Installation of charts from external repositories involves downloading and executing template definitions and Helm hooks within a cluster environment. This is an inherent capability of the tool and is used here for standard deployment tasks.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill is susceptible to indirect injection if malicious instructions are embedded in third-party charts or value files.
  • Ingestion points: External Helm repositories and OCI registries.
  • Boundary markers: Absent; Helm templates intermingle data and logic.
  • Capability inventory: Cluster resource modification via helm install/upgrade and kubectl.
  • Sanitization: Absent; templates are rendered as provided by the source.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:47 PM