zeabur-migration

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires running "npx zeabur@latest", which causes npx to fetch and execute the Zeabur CLI package from the npm registry at runtime (i.e., remote code execution), so "npx zeabur@latest" is a flagged external runtime dependency.