best-practices
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Unverifiable Dependencies] (LOW): The skill references external packages such as better-i18n, @better-i18n/next, and @better-i18n/use-intl which are not from trusted organizations.
- [Indirect Prompt Injection] (MEDIUM): The skill describes tools that ingest untrusted data from source code and AI translation services. Mandatory Evidence Chain: 1. Ingestion points: Source code AST parsing and AI translation inputs; 2. Boundary markers: None mentioned in the skill; 3. Capability inventory: MCP server (create, update, delete keys) and CLI (GitHub synchronization); 4. Sanitization: No sanitization or validation mentioned.
- [Command Execution] (MEDIUM): The skill guides the agent to run CLI commands such as 'better-i18n scan' and 'better-i18n sync' which involve local file system access and network synchronization.
Audit Metadata