github-actions

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The workflow templates call external GitHub Actions (for example uses: actions/checkout@v4 which maps to https://github.com/actions/checkout), which are fetched and executed at runtime in CI and are required by the skill, so they constitute runtime external dependencies that execute remote code.