localize-campaign
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the local Python scripts eval-runner.py and brand-voice-scorer.py by interpolating {localized_content} directly into the shell command. This pattern is vulnerable to command injection if the content (either from the user or the translation service) contains shell metacharacters such as semicolons or backticks.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface, as it processes and executes commands based on external data.
  - Ingestion points: Campaign assets provided as input, and localized text returned from external translation services in SKILL.md.
  - Boundary markers: No boundary markers or escaping rules are defined for the interpolation of translated content into script arguments.
  - Capability inventory: The skill uses subprocess execution of local scripts to evaluate content quality and brand voice.
  - Sanitization: The skill lacks sanitization, validation, or escaping logic for external content before passing it to the command line.
- [EXTERNAL_DOWNLOADS]: The skill coordinates with well-known translation services including DeepL, Google Cloud Translation, and Sarvam AI to process assets across multiple target markets.
Audit Metadata