ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Helm

Helm - command-line tool for everyday use

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 26 · 0 current installs · 0 all-time installs
bybytesagain4@xueyetianya
MIT-0
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared purpose is a local 'Helm' CLI toolkit for managing/chart-like entries, and the included script implements a local logging/entry system that matches that general purpose. However, the name 'Helm' collides with the well-known Kubernetes Helm tool and may cause confusion. The SKILL.md and the script disagree on many command names and the advertised functionality (SKILL.md lists commands like 'helm run' and 'helm add', while the script implements commands such as check, validate, generate, lint, etc.). Version in SKILL.md/script (v2.0.0) differs from registry version 1.0.1.
!
Instruction Scope
SKILL.md instructs the agent to run various helm commands and mentions configuring HELM_DIR, but the script does not implement the same command names and does not read a HELM_DIR environment variable (it hardcodes DATA_DIR to ${HOME}/.local/share/helm). This mismatch means runtime instructions in SKILL.md may not map to the actual behavior of the provided script. The script's operations are otherwise limited to a local data directory and stdout/stderr.
Install Mechanism
There is no install specification; the skill is instruction-only plus a single shell script. No remote downloads, package installs, or archive extraction are present. The script will create and write files under the user's home directory when executed.
Credentials
The skill declares no required environment variables or credentials. The SKILL.md mentions HELM_DIR as configurable, but the script ignores it and uses ~/.local/share/helm. The script writes any user-supplied inputs into per-command log files and a history.log — sensitive content (passwords, tokens, secrets) typed into commands would be persisted locally.
Persistence & Privilege
The skill does not request elevated privileges, does not declare always:true, and confines writes to a data directory under the user's home. It does not modify other skills or global agent settings. Persistence is limited to files in ~/.local/share/helm.
What to consider before installing
This skill's code performs only local logging and exports to files and does not contact external servers or request credentials, but the documentation and script do not match. Before installing: (1) do not assume this is the official Kubernetes Helm; the name may be misleading, (2) review the full script (ensure the truncated portion) to confirm no network calls or surprises, (3) be aware that any text you pass to the tool is stored in ~/.local/share/helm/history.log and per-command logs — avoid entering secrets, (4) ask the author to fix inconsistencies (commands and HELM_DIR handling) or run the script in a sandbox first, and (5) if you rely on commands listed in SKILL.md (e.g., 'helm run' or 'helm add'), verify those are actually implemented in the script before use.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk9735ydzcvjsqhcpekjd4rhw1d830sj9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Helm

Helm chart toolkit — create, lint, template, package, and manage Kubernetes charts.

Commands

CommandDescription
helm helpShow usage info
helm runRun main task
helm statusCheck current state
helm listList items
helm add <item>Add new item
helm export <fmt>Export data

Usage

helm help
helm run
helm status

Examples

# Get started
helm help

# Run default task
helm run

# Export as JSON
helm export json

Output

Results go to stdout. Save with helm run > output.txt.

Configuration

Set HELM_DIR to change data directory. Default: ~/.local/share/helm/

Powered by BytesAgain | bytesagain.com Feedback & Feature Requests: https://bytesagain.com/feedback

Features

  • Simple command-line interface for quick access
  • Local data storage with JSON/CSV export
  • History tracking and activity logs
  • Search across all entries

Quick Start

# Check status
helm status

# View help
helm help

# Export data
helm export json

How It Works

Helm stores all data locally in ~/.local/share/helm/. Each command logs activity with timestamps for full traceability.

Support

Powered by BytesAgain | bytesagain.com | hello@bytesagain.com

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…