ansible

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The playbook contains a runtime get_url task that downloads "https://releases.example.com/app-{{ app_version }}.tar.gz" which is then unarchived and later started (executing code on targets), making this a required runtime fetch that executes remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt explicitly describes and recommends privileged operations (use of --become, editing sudoers to add NOPASSWD or Defaults !requiretty) and references modifying system-level config files (e.g. /etc/ansible/ansible.cfg, /etc/ansible/hosts), which encourages changing machine state and bypassing sudo protections.