chainbase-openapi-skill

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly directs a runtime fetch of the curated OpenAPI schema at https://raw.githubusercontent.com/holon-run/uxc/main/skills/chainbase-openapi-skill/references/chainbase-web3.openapi.json (via the uxc link --schema-url command), and that JSON schema directly defines the operations/CLI surface the agent/uxc will use to construct prompts and invoke actions, so it is a runtime external dependency that controls agent behavior.