ios-ci-cd

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The GitHub Actions referenced (e.g., actions/checkout@v4 — https://github.com/actions/checkout) are fetched and executed at workflow runtime by the runner, so external repository code is executed and relied on by the skill.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly includes sudo commands (e.g., "sudo xcode-select -s /Applications/Xcode_15.2.app") that change system-level configuration and instruct installing system packages, which modify the machine's state and require elevated privileges.