gemini-ocr-cli

SUSPICIOUS: the core OCR purpose matches the capabilities and the remote Gemini data flow is openly disclosed, but the undocumented forced secondary payload install creates a transitive trust problem. Overall this looks more like a real OCR integration with elevated supply-chain and secret-handling risk than confirmed malicious behavior.