rag-blueprint

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). This skill's deploy paths explicitly require pulling container images/charts from NVIDIA's registry (nvcr.io / NGC) at runtime (e.g., docker login / helm installs that fetch images/charts from nvcr.io), which will fetch and execute remote code and are required for the deployment — flagged URL: nvcr.io.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill instructs the agent to edit deployment config files and run docker/helm/kubectl commands (restart services, upgrade charts, teardown) which directly modify the host system's state and could require elevated privileges, so it pushes the agent to perform potentially destructive system changes.