firebase-basics

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The document includes a runtime fetch instruction—"gemini extensions install https://github.com/firebase/agent-skills"—which installs a remote agent-skills repository that the skill depends on and that can modify agent behavior or execute code, so this is a risky external dependency.