microcks-import-artifacts

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The import scripts download and execute external code at runtime—notably the microcks-cli binary from https://github.com/microcks/microcks-cli/releases/download/${MICROCKS_CLI_VERSION}/microcks-cli-${OS_NAME}-${ARCH_NAME} (and also run the mikefarah/yq Docker image / https://github.com/mikefarah/yq)—so fetched content is executed and required for the skill to run.