What potential security risks are associated with PHP scripts that include external JavaScript code?

Including external JavaScript code in PHP scripts can introduce security risks such as cross-site scripting (XSS) attacks if the external code is not properly sanitized or validated. To mitigate this risk, it is important to carefully review and validate any external JavaScript code before including it in PHP scripts.

<?php
$externalScript = "http://example.com/external.js";

// Validate the external script URL before including it
if (filter_var($externalScript, FILTER_VALIDATE_URL)) {
    echo "<script src='$externalScript'></script>";
} else {
    echo "Invalid external script URL";
}
?>