google-trends-research

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill makes required runtime calls to the PostPlus hosted APIs (e.g. ${config.apiBaseUrl}/api/postplus-cli/hosted/collection and ${auth.apiBaseUrl}/api/postplus-cli/auth/refresh) which invoke hosted collection/capability execution on a remote service and therefore execute remote code / control the skill run, so these endpoints are runtime external dependencies that could affect agent behavior.