ansible-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The playbook's git task uses the runtime URL https://github.com/myorg/myapp.git to clone application source which is then built and run (docker_image/docker_container), so remote repository content is a required runtime dependency that can deliver and execute arbitrary code on targets.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes tasks that create system users, modify sysctl and systemd, install packages and add apt repositories/keys (and uses become: yes), all of which require sudo/root and modify the host system state.