configuring-connections

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The MCP connection requires a runtime serverURL (e.g. "https://mcp-server.example.com/mcp") which the agent calls to invoke external MCP tools — a remote service that can execute operations and influence model/tooling at runtime, so it is a runtime external dependency that can control prompts or execute code.