rudder-terraform-setup

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill directs running "terraform init" which fetches and installs the RudderStack provider from the Terraform registry (e.g. https://registry.terraform.io/providers/rudderlabs/rudderstack/latest); that provider is downloaded at runtime and is remote code executed by Terraform, so it is a runtime external dependency that executes code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running sudo commands that modify system files (adding apt repositories, writing to /usr/share/keyrings, installing packages) and altering shell profiles, i.e., actions that change the host state and require elevated privileges.