Skills
skills/dalehurley/phpbot/translate/Gen Agent Trust Hub

translate

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/translate.py ensures the presence of the deep-translator library by downloading it from the official Python Package Index (PyPI) if it is not already installed.
  • [COMMAND_EXECUTION]: The ensure_dependencies function within scripts/translate.py utilizes subprocess.run to programmatically execute the pip install command.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user input within the text parameter.
  • Ingestion points: The text parameter passed to the main function in scripts/translate.py.
  • Boundary markers: The translation output is prefixed with a descriptive string, providing a minor boundary between metadata and translated content.
  • Capability inventory: The script uses subprocess.run for environmental setup and performs network operations via the deep-translator library.
  • Sanitization: No explicit input sanitization or safety-oriented boundary markers are implemented to prevent the translation engine from following instructions embedded in the input text.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:31 AM