graphic-chart

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill loads and executes remote JavaScript at runtime from the ECharts CDN (https://cdn.jsdelivr.net/npm/echarts@6.0.0/dist/echarts.min.js), which is required for rendering and therefore runs remote code (the export script also performs runtime installs like npm install playwright to fetch and execute Playwright/Chromium binaries).