sandbox-bridge
Warn
Audited by Snyk on May 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill relies on a runtime bridge worker URL supplied through the SANDBOX_WORKER_URL environment variable (e.g. $SANDBOX_WORKER_URL). The skill calls this URL (POST /v1/sandbox/{id}/exec) to execute arbitrary shell commands inside a remote sandbox, so the external URL is used at runtime to execute code.
Issues (1)
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).