memory-fabric

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill declares a required MCP server that is started with "npx -y @anthropic/memory-mcp-server" which at runtime fetches and executes remote npm package code ( @anthropic/memory-mcp-server ), making it a required external runtime dependency that executes remote code.