gitlab-ci-patterns

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The GitLab CI examples reference runtime-fetched external content that will be pulled and executed by the pipeline (e.g., include: Security/SAST.gitlab-ci.yml and container images like node:20, bitnami/kubectl:latest, docker:24, aquasec/trivy:latest, hashicorp/terraform:1.6.0), and those fetched templates/images directly define and execute pipeline jobs.