implementing-service-mesh
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The automated scan detected instances of piped remote script execution (curl | sh). This pattern executes arbitrary code from external servers without any verification or integrity checks.
- Evidence: curl -L https://istio.io/downloadIstio | sh
- Evidence: curl -sL https://run.linkerd.io/install-edge | sh
- EXTERNAL_DOWNLOADS (HIGH): The skill references external binaries and installation scripts from istio.io and linkerd.io. These domains are not within the trusted external source whitelist, introducing supply chain risk.
- COMMAND_EXECUTION (HIGH): The skill is designed to manage Kubernetes infrastructure using privileged commands (kubectl apply) and shell scripts. In combination with the detected RCE patterns, this provides a direct path to complete cluster compromise.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://run.linkerd.io/install-edge, https://istio.io/downloadIstio - DO NOT USE
- AI detected serious security threats
Audit Metadata