docs

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The build script writes an index.html that, when opened at runtime, loads and executes remote JavaScript from CDNs (e.g., https://cdnjs.cloudflare.com/ajax/libs/marked/12.0.1/marked.min.js and https://cdn.jsdelivr.net/npm/mermaid@10/dist/mermaid.min.js), so the skill relies on fetching and executing external code in the viewer.