helm-chart-builder

Warn

Audited by Socket on Apr 3, 2026

1 alert found:

Security: MEDIUM
examples/values.yaml

No direct evidence of intentional malware/backdoor behavior in this YAML fragment. However, it is highly insecure as a deployment configuration: it hardcodes multiple secrets (app API secret, DB and Redis credentials), uses non-reproducible image settings (latest + Always), and omits core hardening controls (securityContext, resource limits, probes, networkPolicy, and related safety constraints). If used as-is, it significantly increases the likelihood of credential exposure and enlarges the attack surface and blast radius.

Confidence: 70%, Severity: 88%

Audit Metadata

Analyzed At: Apr 3, 2026, 11:13 AM

Package URL: pkg:socket/skills-sh/borghei%2Fclaude-skills%2Fhelm-chart-builder%2F@3bf9b2c1005ae053e4fbb5224042dce3201a3fa9