bio-foundation-housekeeping

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's docs include runtime install commands that fetch-and-execute remote scripts for required prerequisites (e.g., "curl -fsSL https://pixi.sh/install.sh | bash" and "curl https://install.duckdb.org | sh"), meaning these URLs would execute remote code during setup.