genie-metadata-optimizer

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The run_gepa_optimization notebook installs and then imports/executes the external gepa package at runtime via the pip command ("pip install 'gepa>=0.1.0'"), which fetches remote code from PyPI and is used to generate and apply patch sets that directly modify Genie instructions (Lever 6), meeting the criteria for a runtime external dependency that controls prompts/instructions.