agents-v2-py

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill config references container images hosted at registry URLs (e.g., myregistry.azurecr.io/my-agent:latest, myregistry.azurecr.io/data-processor:v1.0, myregistry.azurecr.io/async-agent:latest) which are fetched and executed at runtime as the hosted agent container image, meaning remote code is pulled and run and is therefore a runtime external dependency that can execute code.