codespaces

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The devcontainer configuration pulls and runs remote container artifacts that execute code at creation time (e.g., image "mcr.microsoft.com/devcontainers/universal:2" and feature URLs "ghcr.io/devcontainers/features/node:1" and "ghcr.io/devcontainers/features/python:1"), so these external URLs are fetched during runtime and directly execute remote code required by the skill.