opentelemetry-collector

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes installer one-liners that fetch and execute remote install scripts at runtime (e.g., bash -c "$(curl -sSL https://github.com/coralogix/telemetry-shippers/releases/latest/download/coralogix-otel-collector.sh)"), which downloads and runs remote code — this is a runtime-executed external dependency and is high-risk.