product-changelog

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill requires and instructs runtime use of the inference.sh "belt" CLI (e.g., "belt app run falai/flux-dev-lora" / "belt app run infsh/agent-browser"), which will fetch and execute remote apps from https://inference.sh and thus brings external content that controls prompts or runs code at runtime.