igniteui-angular-theming

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires starting an MCP server via the runtime command "npx -y igniteui-theming igniteui-theming-mcp" which will fetch and execute remote package code from the npm registry (e.g. https://registry.npmjs.org/igniteui-theming) and that MCP server directly provides tools that control prompts and code-generation, so this is a runtime external dependency that executes remote code.