← 返回 Skills 市场
charlie-morrison

Helm Chart Linter

作者 charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
78
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install helm-chart-linter
功能描述
Lint and validate Helm charts for structure, security, dependencies, and best practices. Use when asked to lint, validate, check, or audit Helm charts, verif...
使用说明 (SKILL.md)

Helm Chart Linter

A pure Python 3 (stdlib only) linter and validator for Helm chart directories. Checks structure, security, dependencies, and best practices across 22 rules.

Commands

python3 scripts/helm_chart_linter.py \x3Ccommand> \x3Cchart-dir> [options]
Command Description
lint Lint chart structure and best practices (all rules)
security Run security-focused checks only
dependencies Validate Chart.yaml/Chart.lock dependencies
validate Full validation: structure + security + dependencies

Options

Option Description
--format text|json|markdown Output format (default: text)
--strict Exit 1 on warnings as well as errors (CI mode)

Examples

# Basic lint
python3 scripts/helm_chart_linter.py lint ./my-chart

# Full validation with JSON output
python3 scripts/helm_chart_linter.py validate ./my-chart --format json

# Security audit, strict mode for CI
python3 scripts/helm_chart_linter.py security ./my-chart --strict

# Dependency check with Markdown report
python3 scripts/helm_chart_linter.py dependencies ./my-chart --format markdown

Rules

Structure (6 rules)

  1. CHART001 — Chart.yaml exists and has required fields (apiVersion, name, version, description)
  2. CHART002 — Version is valid semver
  3. CHART003 — values.yaml exists
  4. CHART004 — templates/ directory exists
  5. CHART005 — NOTES.txt exists in templates/ (warning)
  6. CHART006 — .helmignore exists (warning)

Security (6 rules)

  1. SEC001 — No hardcoded secrets in values.yaml (passwords, tokens, keys)
  2. SEC002 — No privileged containers (securityContext.privileged: true)
  3. SEC003 — No hostNetwork, hostPID, or hostIPC enabled
  4. SEC004 — Resource limits defined in templates
  5. SEC005 — No runAsRoot without explicit runAsNonRoot
  6. SEC006 — Image tags not "latest"

Dependencies (4 rules)

  1. DEP001 — Chart.lock present and matches Chart.yaml dependencies
  2. DEP002 — No wildcard version constraints
  3. DEP003 — Repository URLs use HTTPS
  4. DEP004 — No duplicate dependency names

Best Practices (6 rules)

  1. BP001 — Labels include app.kubernetes.io/name, version, managed-by
  2. BP002 — Liveness and readiness probes defined
  3. BP003 — Service account name configured
  4. BP004 — Namespace not hardcoded in templates
  5. BP005 — No deprecated API versions (extensions/v1beta1, apps/v1beta1, etc.)
  6. BP006 — Values documented with comments

Exit Codes

Code Meaning
0 No issues (or only warnings in normal mode)
1 Errors found (or warnings found in --strict)
2 Script/usage error
安全使用建议
The skill appears coherent: it bundles a Python linter and SKILL.md that tell the agent to run the script on a chart directory, and it requests no external credentials or install steps. However the main script was truncated in the bundle you provided, so you should: 1) Inspect the entire scripts/helm_chart_linter.py before installing — search for network usage (urllib, http, socket, requests, subprocess with curl/ssh), code that reads outside the specified chart-dir (e.g., expands ~, reads /etc, ~/.ssh), or code that writes to unexpected locations. 2) Run the script in an isolated environment (container or VM) on sample charts first. 3) If you need higher assurance, ask the publisher for a full code review or for a provenance link (homepage or repository) and verify the binary/script hash. 4) Note STATUS.md mentions a price ($59) — confirm licensing and distribution expectations before use. If the rest of the script contains no outbound/network calls or reads of unrelated files, this skill is likely benign; discovery of network/exfiltration calls or requests for credentials would raise the assessment to malicious.
功能分析
Type: OpenClaw Skill Name: helm-chart-linter Version: 1.0.0 The Helm Chart Linter skill bundle is a legitimate utility for performing static analysis on Kubernetes Helm charts. The primary script, scripts/helm_chart_linter.py, implements a custom YAML parser and 22 linting rules covering security, structure, and best practices without any external dependencies. There is no evidence of data exfiltration, unauthorized network access, or malicious execution; the script only reads files within the target directory and outputs text/JSON/Markdown reports as described in SKILL.md.
能力标签
requires-wallet
能力评估
Purpose & Capability
The name/description (Helm chart linting) matches the provided SKILL.md and the included Python script which implements a YAML parser and sets up linting rules for charts. No extraneous capabilities are declared (no env vars, no required binaries, no install).
Instruction Scope
SKILL.md instructs the agent to run the included Python script against a specified chart directory (python3 scripts/helm_chart_linter.py <command> <chart-dir>). That scope is appropriate for linting and the visible code shows parsers and rule checks. However the script file was truncated in the bundle you provided, so I cannot verify there are no instructions or code paths that read unrelated files, access home directories, or transmit data.
Install Mechanism
No install spec is present (instruction-only + bundled script). This minimizes install-time risk — nothing is being downloaded or extracted at install time.
Credentials
The skill declares no required environment variables, credentials, or config paths, and SKILL.md doesn't request any. That is proportional for a local linter which should only need access to the chart directory.
Persistence & Privilege
always is false, user-invocable is true, and the skill does not request persistent system presence or to modify other skills. Autonomy is enabled by default for skills, which is expected here.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install helm-chart-linter
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /helm-chart-linter 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
Slug helm-chart-linter
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Helm Chart Linter 是什么?

Lint and validate Helm charts for structure, security, dependencies, and best practices. Use when asked to lint, validate, check, or audit Helm charts, verif... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 78 次。

如何安装 Helm Chart Linter?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install helm-chart-linter」即可一键安装,无需额外配置。

Helm Chart Linter 是免费的吗?

是的,Helm Chart Linter 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Helm Chart Linter 支持哪些平台?

Helm Chart Linter 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Helm Chart Linter?

由 charlie-morrison(@charlie-morrison)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论