arashi

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime install and download commands that fetch and install remote code required for operation (e.g., "npm install --global arashi@1.7.0" and the GitHub release URLs like https://github.com/corwinm/arashi/releases/download/v${ARASHI_VERSION}/${ARASHI_ASSET}), so external content is fetched at runtime and executed as a required dependency.