byted-supabase

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill installs a Git URL dependency at runtime (requirements.txt: git+https://github.com/sjcsjcsjc/volcengine-python-sdk.git@9905a8853a0e5fd26fdae93eefb4f201e8bef539), and the code imports and executes modules from that package (e.g., volcenginesdkcore / volcenginesdkaidap), so remote code fetched from that URL is required and runs as part of the skill.