The rule "Dynamically executing code is security-sensitive" in PL/SQL code means that code which is executed at runtime, rather than being compiled and stored in the database, can pose a security risk. This is because the code is not checked for errors or malicious code before it is executed, and so can potentially be used to gain access to sensitive data or perform malicious actions. As such, it is important to ensure that any code which is executed dynamically is properly checked and secured before it is executed.