helm-chart-scaffolding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs fetching and using external chart repositories and sources (e.g., dependencies in Chart.yaml and commands like "helm dependency update", "helm repo add", and references to https://charts.bitnami.com/bitnami and GitHub), so the agent will ingest public third‑party chart/templates/NOTES content that can contain instructions or hooks and thus materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs using helm dependency/update and helm install to fetch chart packages from external chart repositories (e.g., https://charts.bitnami.com/bitnami and https://charts.example.com), which at runtime pulls remote chart content that can determine manifests and result in execution of containers/remote code, so these URLs are runtime dependencies controlling execution.