xiaomi

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill runs "uvx mijiaAPI" which auto-installs and executes the referenced GitHub repository https://github.com/Do1e/mijia-api at runtime, so remote code from that URL would be fetched and executed as a required dependency.