Skills
skills/qingchunwuhui/xianfengaiskills/web-article-translator/Gen Agent Trust Hub

web-article-translator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill processes untrusted data from external URLs and possesses file-write capabilities, creating a significant attack surface.
  • Ingestion points: Content fetched from external URLs via the webReader tool.
  • Boundary markers: Absent. There are no instructions to the agent to treat the fetched Markdown content strictly as data or to ignore embedded instructions.
  • Capability inventory: File system write operations (translated-{title}.md).
  • Sanitization: Absent. The skill instructions do not require the agent to filter or escape the fetched content before processing or saving.
  • Command Execution (LOW): While the skill uses a tool called webReader, there is no evidence of arbitrary shell command execution or untrusted script execution. The risk is primarily logical rather than technical code execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 07:52 AM