auth0-react

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The automated setup instructs fetching and executing remote install scripts at runtime (e.g., curl -sSfL https://raw.githubusercontent.com/auth0/auth0-cli/main/install.sh -o /tmp/auth0-install.sh && sh /tmp/auth0-install.sh, and similar commands for Homebrew https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh and Scoop via iwr -useb get.scoop.sh | iex), which downloads and runs external code that the setup relies on.