qa-parsing-product-requirements

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches live content at runtime from external sources (e.g., Figma file URLs and Jira API/MCP tools) and injects that fetched payload into the agent’s context to drive parsing and test-generation, so those Figma file URLs / Jira API endpoints are runtime dependencies that can directly control prompts.