jta
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill downloads binary executables from the untrusted GitHub repository 'hikanner/jta' in SKILL.md and scripts/install.sh. The repository is not on the list of trusted sources.
- COMMAND_EXECUTION (HIGH): The installation process requires 'sudo' to move the binary into /usr/local/bin, which constitutes high-privilege execution on an unverified binary.
- CREDENTIALS_UNSAFE (MEDIUM): The skill accesses and uses ANTHROPIC_API_KEY, GEMINI_API_KEY, and OPENAI_API_KEY, providing them to the untrusted jta binary.
- PROMPT_INJECTION (LOW): The skill has a surface for indirect prompt injection by processing untrusted JSON i18n files during translation. 1. Ingestion points: .json files found in common locale directories (locales/, i18n/, etc.). 2. Boundary markers: Absent in the execution instructions. 3. Capability inventory: Bash, Read, Write, Glob. 4. Sanitization: None identified; the tool directly interpolates and processes keys/values from source files.
Recommendations
- AI detected serious security threats
Audit Metadata