book-translation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): (Category 8
- Indirect Prompt Injection) The skill directs the agent to ingest and translate MDX and JSON files, which creates a surface for potential indirect prompt injection if the source text contains malicious instructions.\n
- Ingestion points: MDX chapter files in
src/content/book/and JSON localization files inmessages/.\n - Boundary markers: Absent; there are no instructions for the agent to ignore or delimit embedded directives within the book content.\n
- Capability inventory: Filesystem operations (
mkdir,cp), script execution (node scripts/check-translations.js), and development server execution (npm run dev).\n - Sanitization: Absent; the skill does not include steps to validate or escape the content being translated.\n- COMMAND_EXECUTION (SAFE): The shell commands provided (
mkdir,cp) and the scripts mentioned (node,npm) are standard repository maintenance tasks and do not target sensitive system files or involve unauthorized network access.
Audit Metadata