infrastructure-backup-restore

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The Disaster Recovery instructions explicitly run "curl -fsSL https://get.docker.com -o get-docker.sh" followed by "sudo sh get-docker.sh", which fetches and executes remote code from https://get.docker.com at runtime, making it a direct and required external code-execution dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs destructive, system-level operations (docker volume rm/create, tar to /var/lib/docker/volumes, stopping/starting services) and handling .env secrets which require root/sudo and thus can modify/compromise the host state.