modern-git

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill tells users to run remote installers (e.g., curl -fsSL https://claude.ai/install.sh | bash and curl -fsSL https://gitbutler.com/install.sh | sh and direct downloads from https://releases.gitbutler.com/…) which fetch and execute remote code at runtime and are required to enable the GitButler–Claude Code integration that injects branch context into agent prompts, so these URLs are runtime dependencies that execute code and affect agent prompts.