unslop

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The repository repeatedly instructs running installer commands at runtime that fetch and install external skills (e.g. "npx skills add https://github.com/imMamdouhaboammar/unslop" and "npx unslop skills install"), so the GitHub URL https://github.com/imMamdouhaboammar/unslop is a runtime external dependency that can fetch and execute remote code which would directly control agent prompts/instructions.