kubernetes
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's installation steps use curl to download and install remote executables (https://kind.sigs.k8s.io/dl/v0.22.0/kind-linux-amd64 and https://dl.k8s.io/.../bin/linux/amd64/kubectl, resolved via https://dl.k8s.io/release/stable.txt), which are fetched at runtime and then executed as required dependencies.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs the agent to run commands that require sudo (sudo mv into /usr/local/bin) and thus modify system-level files/paths, which changes the machine's state and requires elevated privileges.