knowledge-graph-skills

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill docs include installation commands that fetch and execute remote code required at runtime—e.g., "git clone https://github.com/OpenSPG/openspg.git" followed by "docker-compose up -d" (OpenSPG) and the Graphiti guidance to install graphiti-core / run a Neo4j container (see https://github.com/getzep/graphiti)—which are high-confidence runtime dependencies that pull and run external code.