github-integration

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime setup script runs apt update && apt install -y gh which fetches and installs the gh binary from external package repositories (e.g., archive.ubuntu.com / security.ubuntu.com) at session start — executing remote code the skill depends on to operate.