mcp-code-execution

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill documentation explicitly states MCP tools may be auto-loaded at runtime from claude.ai/settings/connectors (https://claude.ai/settings/connectors), which indicates external connector tooling is fetched into the agent's runtime toolset and can therefore alter available tools and agent behavior.