distill

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill's Tier 3 venv setup runs a runtime pip install of python-pptx==1.0.2 and openpyxl==3.1.5 (which are fetched from PyPI — e.g. https://pypi.org/project/python-pptx/ and https://pypi.org/project/openpyxl/), meaning remote code is downloaded and executed at runtime and is required for PPTX/XLSX conversion.