ci-cd-pipeline

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The workflow contains "uses" references that GitHub fetches and executes at runtime (e.g., actions/checkout@v4 -> https://github.com/actions/checkout), which are external repositories providing code the workflow requires and that run on the runner.