cann-operator-env-config

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime commands that add and fetch packages from external repositories—conda channel https://repo.huaweicloud.com/ascend/repos/conda and the yum repo file https://repo.oepkgs.net/ascend/cann/ascend.repo (fetched via curl then used for yum install)—which will retrieve and install remote code the skill depends on, so these URLs are runtime external dependencies that execute remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill includes commands that modify system files and install system-wide packages (e.g., sudo curl writing to /etc/yum.repos.d, yum install, installers writing to /usr/local), which require elevated privileges and change the machine state.