translating-with-lmstudio
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection in the `cmd_translate` function within `scripts/lmstudio-translate.py`.
  - Ingestion points: Untrusted text enters the system via the `--text` CLI argument or `stdin` when calling the script.
  - Boundary markers: The prompt template lacks delimiters or explicit instructions to isolate the user-provided text from the system's translation instructions.
  - Capability inventory: The skill can execute shell commands for package management and make network requests to `localhost`.
  - Sanitization: No escaping or validation is applied to the input text before it is concatenated into the final LLM prompt.
- [EXTERNAL_DOWNLOADS]: The skill references and downloads the `openai` Python package from the official PyPI registry. This installation is automated both in the setup instructions and at script runtime.
- [COMMAND_EXECUTION]: The script `scripts/lmstudio-translate.py` uses `subprocess.check_call` to programmatically run `pip install`, representing dynamic execution of system commands for dependency management.