agent-orchestration

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes runtime Model Context Protocol (MCP) endpoints such as https://api.example.com/mcp and https://mcp.example.com/mcp (and examples that launch MCP servers via npx like @modelcontextprotocol/server-filesystem), which are fetched/started at runtime and can supply external tool definitions or execute code that directly controls agent behavior and prompts.