msw-packages

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly performs runtime fetches of package READMEs and repository trees (e.g. https://raw.githubusercontent.com/MSW-Git/MSWPackages/main//README.md and https://api.github.com/repos/MSW-Git/MSWPackages/git/trees/main?recursive=1), and those fetched files are used to directly shape the agent's summaries/instructions and integration workflow, so they are required external content that controls the agent's outputs.