nest-devices

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's setup instructs downloading and executing a remote binary from https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 (curl -> chmod -> run as a service) which fetches and runs remote code and is required for the webhook/tunnel runtime.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs creating and installing systemd service files under /etc/systemd/system and running sudo systemctl commands (and other steps that require elevated privileges), which modify the host system state.