helm-chart-development

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUM
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external configuration files and templates, creating a surface for indirect prompt injection.
      • Ingestion points: Reads and renders data from values.yaml, Chart.yaml, and files in the templates/ directory.
      • Boundary markers: Relies on standard Helm template delimiters {{ ... }} which provide syntactic separation but do not inherently isolate malicious instructions.
      • Capability inventory: Executes powerful commands like helm install and helm test which can deploy and run arbitrary code in a cluster environment.
      • Sanitization: Suggests the use of Helm's quote and required template functions to help validate data, though these are not complete security controls against injection.
  • [DATA_EXFILTRATION]: Includes instructions that reference the sensitive path ~/.gnupg/secring.gpg for chart signing. While this is a legitimate use case for securing chart distribution, it highlights access to private cryptographic keys.
  • [EXTERNAL_DOWNLOADS]: Downloads chart dependencies from the well-known Bitnami repository using helm dependency update.
  • [COMMAND_EXECUTION]: Employs a range of Helm CLI tools to manage chart lifecycles, including creation, rendering, and deployment actions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 14, 2026, 01:24 PM