i18n-localization
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No patterns found attempting to override agent instructions or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): No sensitive file access, hardcoded credentials, or network requests detected. The script is designed to read only specific code and localization file extensions.
- Remote Code Execution (SAFE): No use of eval(), exec(), or subprocess. The script relies entirely on Python's standard library for file traversal and regular expression matching.
- Indirect Prompt Injection (LOW): The i18n_checker.py script reads external file content from a user-specified directory. Evidence Chain:
  1. Ingestion points: scripts/i18n_checker.py reads local code and JSON files.
  2. Boundary markers: Absent.
  3. Capability inventory: The script only prints results to the console; it has no file-write or network capabilities.
  4. Sanitization: Output is limited to first 40 characters of regex matches to prevent large-scale data ingestion.
  Severity is LOW as it is a diagnostic tool.
- Persistence & Privilege Escalation (SAFE): No attempts to modify system configurations, shell profiles, or acquire elevated permissions.
Audit Metadata