lokalise
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill guides the agent to install the
lokalise2CLI from the official GitHub releases of the 'lokalise' organization. This is a trusted source, and the installation process is transparent. - [CREDENTIALS_UNSAFE] (SAFE): The skill correctly implements security best practices by requiring the use of an environment variable (
$LOKALISE_TOKEN) for API authentication instead of hardcoding or prompting for secrets in cleartext. - [COMMAND_EXECUTION] (SAFE): The commands executed are limited to standard localization workflows (upload, download, key management) using the official CLI tool. No suspicious command chaining or unauthorized system access patterns were detected.
- [DATA_EXFILTRATION] (SAFE): Network communication is restricted to the legitimate Lokalise API endpoints as mediated by the official CLI tool. No secondary or hidden exfiltration channels were identified.
Audit Metadata