mk-youtube-audio-transcribe

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill auto-downloads and builds/installs remote executable code at runtime (e.g., git clone https://github.com/ggml-org/whisper.cpp.git in scripts/_build_whisper.sh, and curl downloads from https://ffmpeg.martin-riedl.de/... and https://huggingface.co/... in the download scripts), which fetches remote code/binaries that are then executed or relied on as required dependencies.