setup-windows-dev
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill uses Invoke-WebRequest to download and then Start-Process to execute external installers at runtime (https://aka.ms/vs/17/release/vc_redist.arm64.exe and https://aka.ms/vs/17/release/vc_redist.x64.exe), which fetches remote executables and runs them, so this is a runtime dependency that executes remote code.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill instructs the agent to run system-level installers (winget, VC++ redist) and change system settings (PowerShell execution policy, PATH) — operations that require elevated privileges and modify the machine's state, so it should be flagged.