localize-ios

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The included script is invoked at runtime via swift sh .claude/skills/localize-ios/scripts/add_to_xcodeproj.swift, and its header explicitly states dependencies are resolved at runtime by swift-sh (notably the XcodeProj package, e.g. https://github.com/tuist/XcodeProj), meaning the skill will fetch and execute remote package code as a required runtime dependency.