container-security

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes setup commands that fetch and execute remote content at runtime — notably "curl -s https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash", "git clone https://github.com/docker/docker-bench-security.git" (followed by running its script), and "kubectl apply -f https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job.yaml" — which are external dependencies that execute remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit instructions that require or encourage privileged actions (sudo docker-bench, editing /etc/docker/daemon.json), host-mounting and chrooting (mount /dev/sda1, chroot /mnt/host), and docker-sock/privileged-container techniques that can modify the host system and enable container escape, so it pushes the agent toward compromising the machine state.