deployment-pipeline-design

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). Yes — the workflow and templates reference external action repositories that are fetched and executed at runtime (e.g., https://github.com/actions/checkout, https://github.com/github/codeql-action, docker/* actions) and a GitLab project include (project: 'devops/ci-templates' ref: main) which will be retrieved as remote YAML/code and executed as part of the CI/CD run.