release

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs running "npx paperclipai@canary onboard", which at runtime fetches and executes remote npm package code (paperclipai@canary) and is required for the canary smoke test, so it directly executes external code.