Ark Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs cloning the remote repository git@github.com:mckinsey/agents-at-scale-ark.git at runtime and that repo explicitly contains "Agent definitions and queries" and A2A examples which can directly control agent prompts/instructions, so the fetched content can influence agent behavior.