user-proxy

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). AGENTS.md enforces a "session gate" that requires running compose-agentsmd before responding, and agent-ruleset.json references the remote rules source "github:metyatech/agent-rules@HEAD" (i.e., https://github.com/metyatech/agent-rules) which will be fetched at runtime to control the agent's rules/prompts, so this is a runtime external dependency that can directly affect instructions.