openwork-orchestrator-npm-publish

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill states the orchestrator "downloads sidecars from openwork-orchestrator-vX.Y.Z release assets by default," which implies runtime fetching and execution of binaries from the GitHub release assets URL (e.g. https://github.com/different-ai/openwork/releases/download/openwork-orchestrator-vX.Y.Z/...), so external content downloaded at runtime can execute code.