nodeops-auth

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs running "npm install @nodeops-createos/integration-oauth" and then imports/exports code from that package (e.g., export { GET, POST } from '@nodeops-createos/integration-oauth/server'), which means remote code is fetched at setup/runtime and will be executed in the app — flagging the external dependency @nodeops-createos/integration-oauth (installed via npm) as a runtime executable dependency.