frontend-slides

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime scripts (scripts/export-pdf.sh and scripts/deploy.sh) invoke npm/npx to install and run remote packages (e.g., "npm install playwright", "npx playwright install chromium", "npm install -g vercel"), which fetch and execute code from the npm registry (https://registry.npmjs.org/) and Playwright's download endpoints, so they are runtime external dependencies that execute remote code.