1k-new-skill

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill explicitly requires a runtime WebFetch to "retrieve and extract key guidelines" from external documentation (e.g., https://code.claude.com/docs/en/skills and https://platform.claude.com/docs/en/agents-and-tools/agent-skills/best-practices), so fetched content is used at runtime to control the agent's instructions (and the install command also pulls SKILL.md from https://raw.githubusercontent.com/.../SKILL.md).