fragments-ui-setup

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill recommends adding an MCP server via "npx @fragments-sdk/mcp" in .claude/settings.json, which at runtime fetches and executes remote code and exposes agent tools (fragments_discover / fragments_implement / fragments_inspect / fragments_blocks) that can directly influence agent prompts and behavior.