Running the helm charts in production

What is the best way to use publicly available helm charts in production?

Currently, we are using helm charts from artifacts published by the vendor( for example Nginx,cert-manager) and point our argocd to download the charts from the endpoint we update the values.yaml with our configuration.

The other option is to download the helm charts locally and then upload them to the private helm repo and use that as a source for all the production deployments. But the problem would be when upgrading the helm charts you need to manually verify all the changes from one version to another.

I just want to ask the community here, what is the best and most secure option?