azure-dev-box

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires network access and at runtime uses mcp_microsoftdocs:microsoft_docs_fetch or fetch_webpage to retrieve Markdown from Microsoft Docs (e.g., https://learn.microsoft.com/en-us/azure/dev-box/how-to-resolve-dev-box-connectivity-issues), which will be injected into the agent's context and thus directly influence prompts/instructions—so this external URL is a required runtime dependency that controls agent behavior.