maplibre-pmtiles-patterns

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill instructs loading the pmtiles library at runtime from a CDN (https://unpkg.com/pmtiles/dist/pmtiles.js), which would execute remote JavaScript as a required dependency to register the pmtiles protocol and thus can directly execute remote code.