i18n
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local Python script
scripts/i18n_sync.pyto synchronize translation keys across multiple locale files. This command execution is a core part of the skill's functionality and is restricted to the local environment. - [PROMPT_INJECTION]: The skill's functionality involves reading and analyzing user-provided HTML and JavaScript files, which presents a surface for indirect prompt injection.
- Ingestion points: Source files in
templates/andstatic/js/directories are read to identify hardcoded Chinese text. - Boundary markers: The skill does not explicitly define markers to prevent the agent from interpreting malicious instructions that might be embedded within comments or strings in the analyzed code.
- Capability inventory: The agent has the ability to execute a local Python script (
i18n_sync.py) and modify files in the project directories. - Sanitization: No specific sanitization or filtering of the file content is mentioned prior to processing.
Audit Metadata