check-balance

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs running remote packages with npx (e.g., "npx agnic@latest status" / "npx agnic@latest balance"), which fetches and executes code from the npm registry at runtime, so the external package (agnic@latest) directly executes remote code required for the skill.