gitops_argocd
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill fetches and applies a manifest from https://raw.githubusercontent.com/... (step 1) and then configures ArgoCD to sync from a Git repository through the Application's repoURL (step 2). Both steps make the cluster ingest and act on repository content that the skill does not control: whoever can change that content (the manifest at the fetched URL, or the repository ArgoCD tracks) can change what runs in the cluster, including executable instructions that affect runtime behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill applies a remote manifest at run time (kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml), where stable is a moving branch ref rather than a pinned release, and it configures ArgoCD to pull desired cluster state from https://github.com/company/kyc-system. In both cases content fetched at run time is executed by, or used to control, the cluster, and nothing in the skill verifies that content before it is applied.
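The gates an operator would put in front of both flagged steps, as an added example that is not code from the audited skill or from the ArgoCD project: apply the install manifest only after its digest matches a value recorded for a reviewed, pinned release, and register an Application only if its repoURL is allowlisted and its targetRevision is a release tag or full commit SHA rather than a moving ref. The sample install.yaml, the Application manifests, the tag v1.4.2 and the pinned digest are all constructed for this example; a real PINNED_SHA256 is recorded out of band from the release that was reviewed, never computed from the file being checked.

```shell
#!/bin/sh
# Added example, not code from the audited skill or from the ArgoCD project.
# Gates for the two steps the audit flags: (1) apply a remote install manifest
# only after its digest matches a value pinned to a reviewed release, and
# (2) register an ArgoCD Application only if its repoURL is allowlisted and
# its targetRevision is a tag or commit SHA rather than a moving ref.
# All sample files, the tag v1.4.2 and the digest below are constructed for
# this example (assumptions, not values from the audited skill).

# SHA-256 of a file (sha256sum on Linux, shasum on macOS/BSD).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_manifest FILE EXPECTED_SHA256 -> 0 if the digests match, 1 otherwise.
verify_manifest() {
  actual=$(sha256_of "$1")
  [ "$actual" = "$2" ] && return 0
  echo "refusing $1: digest $actual does not match pinned $2" >&2
  return 1
}

# gated_apply FILE EXPECTED_SHA256 -> runs kubectl apply only after verification.
# KUBECTL can be overridden (e.g. KUBECTL="echo kubectl") for a dry run.
gated_apply() {
  verify_manifest "$1" "$2" || return 1
  ${KUBECTL:-kubectl} apply -f "$1"
}

# check_application FILE ALLOWED_REPO_URL -> 0 if the Application's source is
# allowlisted and pinned, 1 otherwise. Reads the first repoURL/targetRevision
# keys of a single-document Application manifest.
check_application() {
  repo=$(sed -n 's/^[[:space:]]*repoURL:[[:space:]]*//p' "$1" | head -n 1)
  rev=$(sed -n 's/^[[:space:]]*targetRevision:[[:space:]]*//p' "$1" | head -n 1)
  if [ "$repo" != "$2" ]; then
    echo "refusing $1: repoURL '$repo' is not allowlisted" >&2
    return 1
  fi
  case "$rev" in
    ""|HEAD|main|master)
      echo "refusing $1: targetRevision '$rev' is a moving ref" >&2
      return 1 ;;
  esac
  # Accept a semver release tag or a full 40-hex commit SHA; anything else
  # (another branch name, a short SHA) is rejected.
  if printf '%s' "$rev" | grep -Eq '^(v[0-9]+\.[0-9]+\.[0-9]+|[0-9a-f]{40})$'; then
    return 0
  fi
  echo "refusing $1: targetRevision '$rev' is not a release tag or commit SHA" >&2
  return 1
}

# --- constructed samples ---------------------------------------------------
WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT

# Stand-in for a downloaded install.yaml; the real one would be fetched from a
# pinned release tag, not from the moving 'stable' ref.
printf 'apiVersion: v1\nkind: Namespace\nmetadata:\n  name: argocd\n' > "$WORKDIR/install.yaml"
# Stand-in for the digest recorded when the release was reviewed (constructed).
PINNED_SHA256=$(sha256_of "$WORKDIR/install.yaml")

# The Application as an unpinned step 2 would register it.
cat > "$WORKDIR/app-unpinned.yaml" <<'EOF'
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: kyc-system
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/company/kyc-system
    targetRevision: HEAD
    path: deploy
  destination:
    server: https://kubernetes.default.svc
    namespace: kyc
EOF
# Hardened variant: same source, pinned to a release tag (v1.4.2 is assumed).
sed 's/targetRevision: HEAD/targetRevision: v1.4.2/' "$WORKDIR/app-unpinned.yaml" > "$WORKDIR/app-pinned.yaml"

# Demonstration; drop the KUBECTL override to apply against a real cluster.
KUBECTL="echo kubectl"
gated_apply "$WORKDIR/install.yaml" "$PINNED_SHA256"
check_application "$WORKDIR/app-unpinned.yaml" https://github.com/company/kyc-system || echo "unpinned Application rejected"
check_application "$WORKDIR/app-pinned.yaml" https://github.com/company/kyc-system && echo "pinned Application accepted"
```

These are client-side guards for whoever runs the skill. ArgoCD can enforce the repository allowlist server-side through the AppProject's spec.sourceRepos (the default project allows any repository), and can require signed commits through the project's signatureKeys; the checks above are a pre-apply gate, not a substitute for configuring the project.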
Audit Metadata