paper-poster

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's Phase 0 setup downloads and later runs the TeX Live installer from https://mirror.ctan.org/systems/texlive/tlnet/install-tl-unx.tar.gz (curl ... | tar xz then ./install-tl), which fetches remote code at runtime and executes it, making it a required runtime dependency for the installation path.