generate-openenv-env

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The template Dockerfile contains a build-time command that downloads and executes a remote install script (curl -LsSf https://astral.sh/uv/install.sh | sh), which will run during Docker image builds invoked by the skill (e.g., via openenv build), so remote code is fetched-and-executed at runtime: https://astral.sh/uv/install.sh.