hyperpod-issue-report

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches and executes remote shell code at runtime—specifically it downloads and runs the EKS log collector from https://raw.githubusercontent.com/awslabs/amazon-eks-ami/2ac5fc03a8030bb8bc3c1fc1e810209118a10656/log-collector-script/linux/eks-log-collector.sh (via curl) and also uploads a generated collector_script.sh to S3 which nodes download (s3:////collector_script.sh) and execute; both are fetched during runtime, executed on target nodes, and required for EKS collection.