python-dev

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The included .pre-commit-config.yaml causes runtime fetch-and-execution of hook code from https://github.com/pre-commit/pre-commit-hooks and https://github.com/astral-sh/ruff-pre-commit (installed via pre-commit install), which pulls and executes remote scripts as part of the recommended setup, making these external URLs a required runtime dependency that can execute remote code.