thatopen-syntax-ifc-loading

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs users to set the WASM path to the CDN URL "https://unpkg.com/web-ifc@0.0.77/" which is fetched at runtime to load web-ifc.wasm (remote WebAssembly that is executed) and is a required dependency for IFC parsing, so this external URL can execute remote code during skill runtime.