prompt-writer

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly requires external character assets at runtime — e.g., an image_urls reference sheet URL and a character.json promptBase uploaded via the Characters API — which are fetched/used to lock character identity and are directly prepended/injected into prompts (so I flag the image_urls / character.json reference sheet URL as the external dependency).