nix-flakes

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes runtime commands that fetch and run remote flakes (e.g., github:nixos/nixpkgs/nixos-unstable via "nix flake prefetch" / as an input in flake.nix and github:numtide/treefmt via "nix run"), which will retrieve external code at runtime and can execute it, making these URLs runtime dependencies that control executed code.