pacsomatic

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The script can clone and/or rely on the remote pipeline repo at runtime (git clone of https://github.com/nf-core/pacsomatic.git via args.repo_url / --checkout-dir or implicitly when Nextflow runs the remote pipeline), which fetches external pipeline code that will be executed by Nextflow, so the URL is a runtime external dependency that can execute remote code.