ci-cd-android

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The workflow references external GitHub Actions that are fetched and executed at runtime (e.g., uses: actions/checkout@v4 and r0adkll/upload-google-play@v1), so these external repos/actions run remote code and are required for the pipeline.