code-review

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill uses glab/git commands to fetch merge request diffs and file contents at runtime from the self-hosted GitLab instance https://gitlab-erp-pas.dedalus.lan, and that fetched content is injected into the model context to drive review prompts, so this external endpoint directly controls agent behavior.