salesforce-ci-integration

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The GitHub Actions workflow uses runtime-fetched actions and packages that execute remote code — e.g., actions/checkout@v4 (https://github.com/actions/checkout), actions/setup-node@v4 (https://github.com/actions/setup-node), and npm install -g @salesforce/cli (fetched from the npm registry) — which are pulled and run during CI and are required for the skill.