hypercerts

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill instructs the agent/operator to run runtime installers that fetch and execute remote code (e.g., "npx skills add hypercerts-org/ePDS --skill epds-login --yes" and the direct-directory fallback URLs like https://github.com/hypercerts-org/ePDS/tree/main/.agents/skills/epds-login, https://github.com/GainForest/hyperindex/tree/main/.agents/skills/hyperindex, https://github.com/hypercerts-org/certified-group-service/tree/main/.agents/skills/app-development-with-cgs, and https://github.com/hypercerts-org/hypercerts-lexicon/tree/main/.agents/skills/building-with-hypercerts-lexicons), which are fetched at runtime and thus constitute external code execution dependencies.