helm-values-manager
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to manage and validate external Helm value files while possessing high-privilege capabilities, creating a significant attack surface.
  - Ingestion points: Helm YAML and JSON configuration files accessed via the Read tool.
  - Boundary markers: Absent. The skill instructions do not include delimiters or directives to ignore embedded instructions within processed data.
  - Capability inventory: Includes Bash (arbitrary subprocess execution), Write, and Edit (filesystem modification), which are available to the agent while processing external inputs.
  - Sanitization: None detected. There are no patterns for escaping, validating, or filtering external content before it is processed or used in shell commands.
Recommendations
- AI detected serious security threats
Audit Metadata