printing-press-polish

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill repeatedly invokes the printing-press binary and its Setup explicitly tells users to install it via "go install github.com/mvanhorn/cli-printing-press/v4/cmd/printing-press@latest", which fetches and builds remote Go code that will be executed by the skill at runtime, meeting the criteria for a runtime-fetched dependency that can execute code.