gemini-translate

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The script can invoke pnpx @google/gemini-cli at runtime (which will fetch and execute the @google/gemini-cli package from the npm registry, e.g. https://registry.npmjs.org/@google/gemini-cli), meaning remote code is executed to process the PROMPT constructed by this skill.