kubernetes

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The installation steps download and install remote executables at runtime (curl https://kind.sigs.k8s.io/dl/v0.22.0/kind-linux-amd64 and curl -LO "https://dl.k8s.io/release/.../bin/linux/amd64/kubectl"), which are required binaries fetched and then executed, so they constitute runtime external dependencies that can execute code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt instructs downloading binaries and using "sudo mv" to place them in /usr/local/bin, which modifies system-wide files and requires elevated privileges, so it pushes the agent to change the machine's state.