translate
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process content from external document files (.typ and .qmd) which are not under the system's control.
- Ingestion points: Data is read from files specified by the
source_fileargument using theRead,Grep, andGlobtools. - Boundary markers: The skill lacks explicit instructions to treat document content as data only or to ignore instructions embedded within the source documents.
- Capability inventory: The skill is granted access to high-privilege tools including
Bash,Task,Write, andEdit, which could be abused if the agent inadvertently follows instructions found inside a document being translated. - Sanitization: There are no described methods for sanitizing or validating the document content before it is processed by the agent or passed to the allowed tools.
Audit Metadata