i18n-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The content consists of technical instructions and workflow documentation for developers. No patterns attempting to override agent behavior or bypass safety filters were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or unauthorized network operations were identified. The file access in the provided script snippet is limited to local translation JSON files.
- [Remote Code Execution] (SAFE): The shell commands (
pnpm dev) and scripts (scripts/check-i18n.ts) are standard developer tools for local environment execution and do not involve downloading or executing remote code. - [Obfuscation] (SAFE): The file is written in cleartext Markdown and TypeScript with no Base64, zero-width characters, or homoglyph attacks.
- [Indirect Prompt Injection] (LOW): While the skill processes external translation data (JSON), it describes a standard developer-controlled workflow. The risk of untrusted data influencing the agent is negligible as the data consists of localized strings used within a UI framework (React) that provides built-in sanitization.
Audit Metadata