frappe-impl-customapp

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The guide explicitly instructs runtime use of bench get-app to fetch and install a remote Git repository (https://github.com/org/my_app.git), which downloads external code that will be executed/installed on the target system, satisfying the conditions for a risky runtime external dependency.