mcp-csharp-debug

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs users to run npx @modelcontextprotocol/inspector (which pulls and executes code from the npm registry, e.g. https://www.npmjs.com/package/@modelcontextprotocol/inspector/v/0.21.1) at runtime to test MCP servers, meaning remote code is fetched and executed as part of the workflow.