gitnexus-exploring

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill launches and executes remote code at runtime via "npx -y gitnexus@latest mcp" (and depends on gitnexus://repo/{name}/context endpoints for its core READ/gitnexus_query/gitnexus_context operations), so the npx/npm fetch is a required runtime-executed external dependency.