knative

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The install scripts and documentation fetch and apply remote manifests and binaries at runtime (e.g., kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.20.0/serving-crds.yaml and curl -sL https://github.com/knative/func/releases/latest/download/func_linux_amd64 -o func) which will download and execute external content required for the skill.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit commands that use sudo to move a binary into /usr/local/bin (and otherwise instructs making system-level changes via kubectl and patching configmaps), which directs the agent to perform actions requiring elevated privileges and modify the host/cluster state.