eg-extension

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill configures Wasm extensions that are fetched and loaded at runtime (e.g., https://example.com/path/to/my-filter.wasm and the OCI image reference my-registry.example.com/my-wasm:v1.0.0), meaning externally-hosted binaries would be retrieved and executed inside Envoy, so these URLs are runtime-executed dependencies.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt instructs creating and modifying Kubernetes resources (Deployments, Services, ConfigMaps, EnvoyExtensionPolicy/EnvoyPatchPolicy) which change cluster/system state and require elevated cluster privileges and can introduce serious security risks, so it should be flagged.