kernelgen-flagos

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill mandatorily requires configuring and calling the KernelGen MCP service (e.g., https://kernelgen.flagos.io/sse and the token page https://kernelgen.flagos.io/mcp) at runtime via the mcp__kernelgen-mcp__generate_kernel / optimize_kernel tools, which return code/test/benchmark blocks that the agent injects and executes locally, so this external URL is a high-confidence runtime dependency that can control prompts and execute remote code.