react-native-i18n-workflow
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Tags: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The script scripts/add_translation.py ingests untrusted data and interpolates it directly into TypeScript source files.
  - Ingestion points: sys.argv in scripts/add_translation.py.
  - Boundary markers: None. The script does not validate input against TypeScript syntax boundaries.
  - Capability inventory: Direct file-write access to app/i18n/*.ts.
  - Sanitization: None. Input values containing quotes, backslashes or other JavaScript control characters are not escaped, so a value can terminate the string literal it is placed in.
- Dynamic Execution (MEDIUM): The skill automates modification of executable application code (.ts files). Because input is not sanitized, a crafted translation value can inject arbitrary logic into the application codebase during the translation workflow.
- Obfuscation (MEDIUM): scripts/add_translation.py uses the escapes \1, \2 and \3 inside a non-raw formatted string. Python evaluates these as octal escapes, producing the non-printable control characters SOH (0x01), STX (0x02) and ETX (0x03), rather than regex backreferences. Running the script therefore writes these hidden bytes into the source files, where they can conceal payloads or evade simple scanners.
- Metadata Poisoning (MEDIUM): The skill documentation describes a 'Fitness Tracker App' while the script's internal metadata names a 'Purrsuit Mobile App', which suggests a lack of provenance. In addition, the script's regex logic does not match the provided file structures, so the code may be deceptive or improperly vetted.
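As an added worked example (not code from the react-native-i18n-workflow skill or from the audit), the Python below reproduces the two defects described above against a constructed app/i18n file and shows the fix for each: the octal-escape bug in a re.sub replacement beside a version that rebuilds the replacement from the match object, and raw interpolation into a TypeScript string literal beside an escaped version that is checked to still be a single literal. The file contents, the regex, the payload and every helper name are assumptions made here for illustration; the skill's real script is not shown on this page.

```python
"""Added example, not code from the react-native-i18n-workflow skill.

Reproduces the two defects described in the audit against a hypothetical
scripts/add_translation.py and shows the fix for each:

1. a non-raw "\\1" in a replacement string is chr(1) (SOH), not a backreference;
2. an argv value pasted into a TypeScript string literal unescaped can close
   the literal, while json.dumps() keeps it inside the quotes.
"""
import json
import re

# Constructed sample: a minimal app/i18n/en.ts of the shape the script edits.
SAMPLE_TS = 'export const en = {\n  "greeting": "Hello",\n};\n'

# Constructed payload an attacker could pass on the command line.
PAYLOAD = 'Hi", "bye": alert(1), "x": "'

# Locate the newline that precedes the closing "};" so a new entry can be
# inserted before it (hypothetical; the real script's regex is not shown).
CLOSING_BRACE_RE = re.compile(r"(\n)(\};)")

# C0 control characters other than tab, LF and CR, plus DEL.
CONTROL_CHAR_RE = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")

# One key and exactly one string literal, as a well-formed entry must be.
ENTRY_RE = re.compile(r'^\s*("(?:[^"\\]|\\.)*"): ("(?:[^"\\]|\\.)*"),$')


def insert_entry_buggy(source: str, entry: str) -> str:
    """The audited pattern: \\1 and \\2 inside a non-raw f-string.

    Python turns them into SOH (0x01) and STX (0x02) before re.sub ever sees
    the replacement, so the captured newline and "};" are replaced by two
    invisible control characters and the closing brace is lost.
    """
    return CLOSING_BRACE_RE.sub(f"\1{entry}\n\2", source, count=1)


def insert_entry_fixed(source: str, entry: str) -> str:
    """Fix: rebuild the replacement from the match object.

    A raw r"\\1" would restore the backreference, but a callable also keeps
    any backslash in `entry` literal instead of letting re.sub interpret it
    as a template escape.
    """
    return CLOSING_BRACE_RE.sub(
        lambda m: f"{m.group(1)}{entry}\n{m.group(2)}", source, count=1
    )


def ts_string_literal(value: str) -> str:
    """Render value as a TS string literal.

    json.dumps escapes quotes, backslashes and every control character, and
    a JSON string is a valid JavaScript string literal; U+2028/U+2029 are
    escaped as well for tooling that predates ES2019.
    """
    literal = json.dumps(value, ensure_ascii=False)
    return literal.replace("\u2028", "\\u2028").replace("\u2029", "\\u2029")


def render_entry_unsafe(key: str, value: str) -> str:
    """What the audit describes: raw interpolation, no escaping."""
    return f'  "{key}": "{value}",'


def render_entry_safe(key: str, value: str) -> str:
    """Hardened form: both key and value go through ts_string_literal."""
    return f"  {ts_string_literal(key)}: {ts_string_literal(value)},"


def entry_is_single_literal(line: str) -> bool:
    """Boundary check: True only if the line holds one key and one literal.

    A value that broke out of its quotes leaves extra tokens on the line and
    fails to match; this is the syntax-boundary check the audited script lacks.
    """
    return ENTRY_RE.fullmatch(line) is not None


def find_control_chars(text: str) -> list:
    """Scan a file written by the buggy script for hidden control bytes."""
    return [(m.start(), repr(m.group())) for m in CONTROL_CHAR_RE.finditer(text)]


def add_translation(source: str, key: str, value: str) -> str:
    """Hardened end-to-end: escape the entry, verify it, then insert it."""
    entry = render_entry_safe(key, value)
    if not entry_is_single_literal(entry):
        raise ValueError("refusing to write an entry that is not a single literal")
    return insert_entry_fixed(source, entry)


if __name__ == "__main__":
    plain = render_entry_unsafe("a", "b")
    print(find_control_chars(insert_entry_buggy(SAMPLE_TS, plain)))
    print(add_translation(SAMPLE_TS, "a", "b"))
    for render in (render_entry_unsafe, render_entry_safe):
        line = render("x", PAYLOAD)
        print(line, entry_is_single_literal(line))
```

Run it directly to see the buggy insertion leave two control characters and no closing brace, while the hardened path keeps the payload inside one string literal. find_control_chars is the check to run over any app/i18n/*.ts file the original script has already touched.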
Audit Metadata