workers-best-practices

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and use the live Cloudflare best-practices page at https://developers.cloudflare.com/workers/best-practices/workers-best-practices/ (and to retrieve live types via npm pack) at runtime, and those fetched documents directly determine the agent's review rules and outputs, so this external URL is a required runtime dependency that controls the agent's instructions.