diff --git a/pkg/manifests/helm/generator.go b/pkg/manifests/helm/generator.go
index 8a643ff..8dc4c20 100644
--- a/pkg/manifests/helm/generator.go
+++ b/pkg/manifests/helm/generator.go
@@ -297,6 +297,7 @@ func (g *HelmGenerator) Generate(ctx context.Context, namespace string, name str
 			}(t.Name()),
 		}
 		var buf bytes.Buffer
+		// TODO: templates (accidentally or intentionally) could modify data,e.g. by deep-copying things upfront
 		if err := t0.ExecuteTemplate(&buf, t.Name(), data); err != nil {
 			return nil, err
 		}
diff --git a/pkg/manifests/kustomize/generator.go b/pkg/manifests/kustomize/generator.go
index 8ff15f2..7f35e8f 100644
--- a/pkg/manifests/kustomize/generator.go
+++ b/pkg/manifests/kustomize/generator.go
@@ -191,6 +191,9 @@ func (g *KustomizeGenerator) Generate(ctx context.Context, namespace string, nam
 				Funcs(funcMapForGenerateContext(serverInfo, component, namespace, name))
 		}
 		var buf bytes.Buffer
+		// TODO: templates (accidentally or intentionally) could modify data, or even some of the objects supplied through builtin functions;
+		// such as serverInfo or component; this should be hardened, e.g. by deep-copying things upfront, or serializing them; see the comment in
+		// funcMapForGenerateContext()
 		if err := t0.ExecuteTemplate(&buf, t.Name(), data); err != nil {
 			return nil, err
 		}