open-computer-use

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes runtime installation commands that fetch and run remote code—e.g., "npx skills add iFurySt/open-codex-computer-use" (the iFurySt/open-codex-computer-use GitHub/npm repository) and "npm install -g open-computer-use" which would retrieve and execute external package code that the skill requires.