i18n-localization
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from the user's project files.
  - Ingestion points: The `scripts/i18n_checker.py` script recursively reads content from local project files (e.g., .js, .py, .vue) and JSON locale files using `Path.read_text()`.
  - Boundary markers: No delimiters or instructions are used to distinguish the analyzed file content from the script's control logic when reporting findings to the agent.
  - Capability inventory: The script is limited to read-only operations via the Python `pathlib` and `json` modules. It does not perform network operations, file writes, or subprocess executions.
  - Sanitization: The script performs regex matching and prints slices of the matching text. It does not sanitize the content of the files it reads before displaying them, which could allow an attacker to embed instructions in code comments or strings that an agent might mistakenly follow during analysis.