openai-docs

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill declares and uses an MCP doc tool at runtime (agents/openai.yaml and SKILL.md) pointing to https://developers.openai.com/mcp, which the agent will fetch and use as authoritative guidance to generate prompts/responses, so this external URL directly controls agent behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt tells the agent to modify agent configuration and explicitly instructs to "retry with escalated permissions" if adding the MCP server fails due to permissions/sandboxing, which encourages privilege escalation and altering system/agent state.