helm-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly instructs the agent to fetch and read chart defaults and READMEs via commands like "helm show values " and "helm show readme " (including oci://registry/chart), which pulls untrusted third-party chart content from public repositories/registries that the agent must interpret and which can directly influence generated values and subsequent actions.