helm-chart-scaffolding
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or security vulnerabilities were detected in the skill instructions, templates, or scripts.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process user-provided Helm configurations. Ingestion points: The skill processes metadata in Chart.yaml and configuration parameters in values.yaml to generate Kubernetes manifests. Boundary markers: Employs standard Helm template delimiters ({{ ... }}) to demarcate template logic from variable data. Capability inventory: Uses the helm CLI within the scripts/validate-chart.sh script to process and validate chart content. Sanitization: Data is interpolated using the standard Helm template engine; no custom sanitization or validation of the input content is implemented in the provided scripts.
- [EXTERNAL_DOWNLOADS]: The skill references external Helm repositories from Bitnami (https://charts.bitnami.com/bitnami) for standard dependencies like PostgreSQL and Redis. These are recognized as well-known and trusted sources in the Kubernetes ecosystem.
Audit Metadata