cxas-sim-eval

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). At runtime the scripts fetch app instructions and tool schemas from the CES API (via Apps.export_app and Tools.retrieve_tool_schema) which are saved under output_dir/app and then directly injected into LLM prompts for analysis (e.g., the CES console/API at https://ces.cloud.google.com), so remote content from that service can directly control the agent's prompts.