hyperframes-creative

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's package-loader (skills/hyperframes-creative/scripts/package-loader.mjs) can invoke npm at runtime to install pinned packages (e.g., @hyperframes/producer and sharp@0.34.5) from the npm registry (https://registry.npmjs.org/) — which fetches and executes remote code required by the runtime scripts.