Skills
skills/kimny1143/claude-code-template/i18n-key-diff/Gen Agent Trust Hub

i18n-key-diff

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the find command to locate en.json and ja.json files within the project directory while explicitly excluding the node_modules directory to avoid processing dependency files.\n- [PROMPT_INJECTION]: The skill processes untrusted JSON data from the repository, which constitutes a potential surface for indirect prompt injection via malicious content in translation keys.\n
  • Ingestion points: Translation files (en.json, ja.json) identified during the search process in SKILL.md.\n
  • Boundary markers: Absent; the instructions do not include specific delimiters or warnings to ignore instructions that might be embedded within the JSON keys or values.\n
  • Capability inventory: The skill has the capability to search the filesystem and execute Python scripts to compare keys.\n
  • Sanitization: Absent; the skill performs standard JSON parsing and string extraction without explicit sanitization or filtering of the content before reporting results.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 09:33 PM