urdu-language-support

[Skill Scanner] URL with free hosting platform or high-abuse TLD detected No malicious code or backdoor patterns were found in the provided fragments. The skill's capabilities match its stated goal (UI translations, RTL support, Urdu prompts for the AI agent). The main risks are standard supply-chain and privacy concerns: unpinned npm dependencies, network requests to Google Fonts, and forwarding user messages to an external LLM provider. The dynamic import of locale files should be constrained/validated (middleware already lists locales), and the team should document where model/provider calls are sent and ensure dependencies are pinned/audited. LLM verification: This skill implements Urdu i18n and RTL support and updates an AI assistant to respond in Urdu. The code is consistent with its described purpose and contains no obvious malware or credential harvesting. Main risks are supply-chain (unpinned npm installs), and limited ambiguity about where and how the Agent/Runner communicates with the external model and how credentials (if any) are handled. Also review the omitted 'tools' list in Agent for excessive capabilities. Recommend pinning dependencies,