vector-forge

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Mull install instructions tell the operator to run a remote install script (e.g. curl -1sLf 'https://dl.cloudsmith.io/public/mull-project/mull-stable/setup.deb.sh' | sudo -E bash and the RPM variant), which fetches and executes remote shell code at runtime and Mull is required by the skill for C/C++ mutation testing.