aws-iam

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly installs and delegates execution to an external agent plugin at runtime (via /plugin marketplace add awslabs/agent-plugins and /plugin install deploy-on-aws@agent-plugins-for-aws), which fetches and runs code from the referenced repository https://github.com/awslabs/agent-plugins (and its deploy-on-aws plugin https://github.com/awslabs/agent-plugins/tree/main/plugins/deploy-on-aws), so external content can directly control agent behavior.