arcgis-authentication

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes a runtime script tag that loads and executes remote JavaScript from https://js.arcgis.com/4.34/, which is a required dependency fetched at runtime and thus constitutes executing remote code (supply-chain/runtime risk).