omnicaptions-translate

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs the installation of omni-captions-skills using an --extra-index-url pointing to https://lattifai.github.io/pypi/simple/. This source is not on the trusted list and using extra-index URLs is a known vector for dependency confusion attacks.
  • CREDENTIALS_UNSAFE (HIGH): The skill documentation explicitly targets sensitive file paths for credential extraction, including ~/.config/omnicaptions/config.json and .env files. Accessing these paths exposes potential secrets to the agent environment.
  • COMMAND_EXECUTION (MEDIUM): The skill utilizes the Bash tool to execute omnicaptions commands. While necessary for the stated functionality, it allows the agent to run arbitrary subcommands under the omnicaptions namespace.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to process untrusted external data.
      • Ingestion points: Processes user-provided caption files (.srt, .vtt, .ass, etc.).
      • Boundary markers: None detected; the skill treats caption text as raw data for translation.
      • Capability inventory: Access to Bash, Read, Write, and Glob tools allows for file modification and command execution.
      • Sanitization: No explicit sanitization or instruction-ignoring delimiters are defined for the processed text.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 05:02 PM