apple-notes

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The extractor's install_ruby_parser() runs at runtime and performs git clone https://github.com/threeplanetssoftware/apple_cloud_notes_parser.git and then executes the downloaded Ruby parser (bundle install / ruby notes_cloud_ripper.rb), so remote code is fetched and executed as a required dependency for the "full" extraction path.