validation-testing

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires installing and running the external "blazity/next-migration-skills" (via the command "npx skills add blazity/next-migration-skills -s nextjs-migration-toolkit") and then executes the toolkit's scripts (e.g., bash "$TOOLKIT_DIR/scripts/setup.sh" and npx tsx "$TOOLKIT_DIR/src/bin/ast-tool.ts"), so remote repository content is fetched at runtime and executed as required code.