baoyu-format-markdown

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls execSync("npx autocorrect-node ...") (and invokes npx -y bun to run the scripts) which will fetch and execute packages from the npm registry (e.g. https://registry.npmjs.org) at runtime, and because spacing is enabled by default this remote package execution is a required runtime dependency.