cometchat-theming

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires and queries the CometChat docs MCP (installed via https://www.cometchat.com/docs/mcp) at runtime for canonical CSS variables/selectors (which control the agent's output) and also executes remote code via npx @cometchat/skills-cli@latest, so it depends on external content that directly controls behavior and runs fetched code.