clickhouse-query

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs bunx/npx to fetch and execute the remote npm package @obsessiondb/chcli at runtime (e.g. https://registry.npmjs.org/@obsessiondb/chcli), so it clearly fetches and executes remote code that the skill depends on.