sentinel-api

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime requests to the Sentinel REST API (https://sentinel.deepsource.com/api/v1) and uploads/downloads code via the signed upload_url returned by that API, and the API response can include fix_result.patch which the skill explicitly instructs to apply (e.g., echo "$FIX_PATCH" | git apply), so remote content from these URLs can directly modify/execute code in the repository.