helm-chart-scaffolding
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The `scripts/validate-chart.sh` file executes standard binaries (`helm`, `grep`, `awk`, `jq`) to validate Kubernetes Helm charts. The use of `helm install --dry-run` and `helm template` is consistent with the skill's purpose of validating chart rendering without performing actual deployments.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill possesses a surface for indirect prompt injection as it processes external, potentially untrusted Helm chart files.
  - Ingestion points: `scripts/validate-chart.sh` reads and parses `Chart.yaml`, `values.yaml`, and template files within a user-provided directory.
  - Boundary markers: Absent; the script does not wrap chart content in delimiters when outputting validation results.
  - Capability inventory: The script performs subprocess calls to `helm` and `jq`, but lacks file-write or network-send capabilities beyond what `helm` might perform for dependency resolution.
  - Sanitization: The script performs minimal sanitization (e.g., using `tr` to clean versions) before printing data to the console.
Audit Metadata