auth0-flutter-web

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). I flagged two high-confidence runtime external dependencies: the Auth0 SPA JS CDN (https://cdn.auth0.com/js/auth0-spa-js/2.1/auth0-spa-js.production.js) because the skill requires adding that script tag so the app will fetch and execute remote JavaScript at runtime, and the Auth0 CLI install script (https://raw.githubusercontent.com/auth0/auth0-cli/main/install.sh) because the setup explicitly suggests running curl ... | sh to fetch-and-execute remote shell code to install a required CLI.