external-gitcode-ascend-cann-operator-env-config
Warn
Audited by Snyk on Apr 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill executes runtime commands that fetch and install external package sources (e.g., curl https://repo.oepkgs.net/ascend/cann/ascend.repo and conda config --add channels https://repo.huaweicloud.com/ascend/repos/conda), which pulls repository metadata and enables installation of remote packages (i.e., executing remote code) required for the online installation path.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill gives explicit system-level installation steps (sudo curl to write /etc/yum.repos.d, yum installs, running installers that write to /usr/local) that modify system files and require root privileges, so it pushes the agent to change the machine state.
Issues (2)
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
W013
MEDIUM: Attempt to modify system services in skill instructions.