rudder-cli-setup

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs runtime download and installation of a remote executable via curl from https://github.com/rudderlabs/rudder-iac/releases/download/VERSION/BINARY which fetches and installs remote code that the workflow depends on.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly instructs using sudo to move the downloaded binary into /usr/local/bin (a system-wide PATH), which modifies system files and requires elevated privileges, so it directs actions that change the machine state.