i18n-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of markdown documentation. No executable code, scripts, or binaries are included in the skill package.
- [EXTERNAL_DOWNLOADS] (LOW): The documentation recommends installing several Node.js packages, such as @better-i18n/cli and @better-i18n/next. While these are from an organization not on the pre-defined trusted list, they are standard dependencies for the platform and no automated installation or execution is performed by the skill itself.
- [COMMAND_EXECUTION] (LOW): The skill documentation describes the use of CLI commands for i18n workflows. These commands are typical for the stated purpose of the tool and are not executed by the agent without user intent.
- [PROMPT_INJECTION] (LOW): The documentation describes AI-assisted translation workflows which ingest user-provided codebase strings. This represents a surface for indirect prompt injection, which is a common characteristic of such tools rather than a vulnerability in the skill's own instructions.
Audit Metadata