performance-test

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The CI workflow includes external GitHub Action references that are fetched and executed at runtime (e.g., actions/checkout@v4, actions/setup-node@v4, grafana/k6-action@v0.3.1, actions/upload-artifact@v4), which means remote code is downloaded and run as a required dependency for the job.