Verification & Quality Assurance

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill repeatedly requires running the remote package via "npx claude-flow@alpha" (e.g., in Quick Start, verification, dashboard, and hooks), which fetches and executes remote code at runtime and is a required dependency — npx claude-flow@alpha is therefore a high-confidence runtime external dependency that can execute code.