automating-github-actions

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's workflow uses GitHub Actions that are fetched and executed at runtime (e.g., actions/checkout@v4 -> https://github.com/actions/checkout, actions/setup-node@v4 -> https://github.com/actions/setup-node, amondnet/vercel-action@v20 -> https://github.com/amondnet/vercel-action), so external code is retrieved and run as required dependencies of the skill.