translate-mom-tweets
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface by processing untrusted SRT subtitle data.
- Ingestion points: Subtitle content is fetched from remote URLs provided by the translate.mom API in
scripts/fetch_srt.sh. - Boundary markers: Absent. The agent reads the dialogue text directly without delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill executes shell scripts and generates text for user-facing tweet drafts.
- Sanitization: Absent. Subtitle content is cleaned for formatting (timestamps) but not for malicious instructional content.
- EXTERNAL_DOWNLOADS (LOW): The skill performs network operations via
curltoplausible.translate.mom. This domain is not on the trusted external sources list, although it appears related to the skill's primary purpose. - COMMAND_EXECUTION (LOW): The skill relies on local bash scripts to perform its core functions. While the scripts follow some best practices (double-quoting variables,
set -euo pipefail), they provide a command execution surface that processes external inputs.
Audit Metadata