helm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs fetching and installing charts from public Helm/OCI registries (e.g., "helm repo add bitnami https://charts.bitnami.com/bitnami", "helm pull oci://...", and "helm show values bitnami/postgresql") and to render/install those manifests (helm template/install), which means the agent would consume untrusted, user-provided chart content (including NOTES, hooks, and manifest data) that can materially influence subsequent actions.