openqemu

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill calls the runtime API endpoint $API_URL/api/sandboxes/{SANDBOX_ID}/exec/run (defaulting to http://localhost:8080 in the docs) to execute arbitrary commands inside sandboxes — a required runtime external endpoint that executes remote code.