load-testing-patterns

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The CI workflow pulls and executes external GitHub Actions — specifically actions/checkout@v4 and grafana/k6-action@v0.3.1 — which are fetched at runtime and run remote code as required dependencies (i.e., they execute code during the CI run).