language
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a standard utility for maintaining local user preferences with no evidence of malicious intent or hidden behaviors.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via its language detection feature.
- Ingestion points: User-provided text strings are analyzed in SKILL.md for Chinese character ratios to determine the current language.
- Boundary markers: No explicit delimiters are present to isolate untrusted user input from the detection logic.
- Capability inventory: The skill uses 'Read' and 'Write' tools to modify the local data/user-settings.json configuration file.
- Sanitization: The detection algorithm effectively sanitizes the input by restricting persistent outputs to a set of hardcoded strings ('en' or 'zh-CN'), preventing malicious payload persistence.
Audit Metadata