dokploy-docker-compose

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes init-container runtime commands that download and install a binary from a GitHub release (e.g., https://github.com/SigNoz/signoz/releases/download/histogram-quantile%2F${version}/histogram-quantile_${node_os}_${node_arch}.tar.gz) using wget/tar/chmod, which fetches and enables execution of remote code at runtime.