generating-helm-charts

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/helm_create.py enables the dynamic generation of executable code. Specifically, the generate_script method writes a provided template string to a .sh file and then applies chmod(0o755) to make it executable. This pattern allows an attacker to inject and execute arbitrary bash code if the input to the generator is not carefully controlled.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing application requirements.
      1. Ingestion points: Identifying application resources, dependencies, and configuration needs from user input or external documentation.
      2. Boundary markers: Absent; there are no instructions to ignore embedded commands or directives within the requirements data.
      3. Capability inventory: The skill has tool permissions for file system modification (Write, Edit) and bash execution for helm and kubectl.
      4. Sanitization: Input content is written directly to templates and scripts without any validation or escaping to prevent command injection or YAML/Go template manipulation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 11:58 PM