aiconfig-variations

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime API calls to the LaunchDarkly AI Configs endpoints (e.g. GET/POST to https://app.launchdarkly.com/api/v2/projects/{projectKey}/ai-configs/{configKey}) to fetch and store "instructions"/"messages" that directly control agent prompts and the skill requires LaunchDarkly API access, so this is a runtime external dependency that can control prompts.