helm-charts-setup

Fail

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The file TOOLS.md contains a command to pipe a remote script directly into bash: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash. While this is an official Helm installation method, it is a high-risk pattern as it executes unverified code from the network without integrity checks.
  • [COMMAND_EXECUTION] (MEDIUM): The file TOOLS.md includes instructions for installation using sudo snap install helm --classic, which grants administrative privileges to the installation process on the host system.
  • [COMMAND_EXECUTION] (LOW): The scripts/validate.sh script executes helm and kubectl based on files discovered in the local directory structure.
      [1] Ingestion points: Chart.yaml, values.yaml, and template files found via search.
      [2] Boundary markers: None.
      [3] Capability inventory: helm lint, helm template, kubectl apply --dry-run.
      [4] Sanitization: None.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 21, 2026, 12:24 PM