fuzzing-go-expert

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires fetching and building external code at runtime — notably the blank import "github.com/AdamKorcz/go-118-fuzz-build/testing" (pulled via go mod tidy and compiled into the harness) and the OSS-Fuzz base image referenced as "gcr.io/oss-fuzz-base/base-builder-go" — both are runtime external dependencies that cause remote code/artifacts to be executed as part of the build/fuzz run.