mol-3d-viewer

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill dynamically loads and executes remote JavaScript from the 3Dmol CDN (https://3Dmol.org/build/3Dmol-min.js) when it uses Playwright to open the generated HTML for screenshotting, so this URL is fetched at runtime and executes remote code that the skill relies on for rendering.