environment-setup-guide

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill contains runtime install commands that fetch and execute remote scripts (e.g., https://get.docker.com used with sh, https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh used with /bin/bash -c "$(curl ...)", https://deb.nodesource.com/setup_20.x piped to bash, and https://community.chocolatey.org/install.ps1 invoked via iex), which directly execute remote code and are presented as required setup steps, so they are high-risk.