alloydb-omni-performance

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill scripts call npx to fetch and execute the remote npm package "@toolbox-sdk/server@1.1.0" at runtime (via the npx invocation "npx @toolbox-sdk/server@1.1.0"), which downloads and runs remote code that the skill depends on—so this is a runtime external dependency that executes remote code.