pp-pokeapi

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill requires installing and running code fetched from external repositories (e.g., via "npx -y @mvanhorn/printing-press install pokeapi" and "go install github.com/mvanhorn/printing-press-library/library/media-and-entertainment/pokeapi/cmd/pokeapi-pp-cli@latest" — and similarly the MCP installer "github.com/mvanhorn/printing-press-library/.../pokeapi-pp-mcp@latest"), which fetches and executes remote code as a required dependency at install/runtime.