anodot

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill relies on the Membrane CLI which the docs instruct to fetch/execute via npm/npx (package @membranehq/cli — e.g. https://www.npmjs.com/package/@membranehq/cli), so remote code would be downloaded and executed at runtime to drive the agent's actions.