shemic-dever

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes scripts that run remote Go modules at runtime (e.g., "go run github.com/shemic/dever/cmd/dever@main" and run_dever's use of "go run "github.com/shemic/dever/cmd/dever@${DEVER_VERSION}""), which fetch and execute external code during skill execution.