olares-publish

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly instructs installing and running the remote CLI (npm install -g @beclab/olaresid — i.e. fetching https://registry.npmjs.org/@beclab/olaresid) and then executing did-cli commands (did-cli rsa generate / did-cli rsa set), which fetches and runs remote code at runtime and is required for the paid-app RSA key setup.