cometchat-customization

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires querying the CometChat docs MCP (installed from https://www.cometchat.com/docs/mcp) and fetching sample-app files directly from GitHub/raw.githubusercontent.com (e.g. https://raw.githubusercontent.com/cometchat/cometchat-uikit-react/v6/sample-app/...) at runtime to drive code generation and customization, so remote content would directly control agent outputs; therefore these URLs are runtime dependencies that influence prompts/code.