i18n
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute standard shell commands (
cat,grep) and local project scripts (bun run i18n:types,node scripts/check-i18n.js) to interact with configuration and validate translation data. These operations are restricted to the local project environment and are typical for development assistants. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill accesses local JSON configuration and locale files. No access to sensitive system files (e.g., SSH keys, environment variables) or external network requests were detected. The file access is limited to the defined project structure.
- [PROMPT_INJECTION]: The skill contains instructional markers such as 'IMPORTANT' and 'CRITICAL' to ensure the agent uses the correct configuration source. These are benign and serve to improve the reliability of the agent's output rather than bypassing safety protocols.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from local translation files and configuration files.
- Ingestion points:
src/common/config/i18n-config.jsonand JSON files withinsrc/renderer/i18n/locales/. - Boundary markers: None identified in the provided instructions.
- Capability inventory: File system read (
cat), pattern matching (grep), and execution of local build/validation scripts (bun,node). - Sanitization: No explicit sanitization or validation of the content of translation files is described, though the
check-i18n.jsscript likely performs project-specific validation.
Audit Metadata