skills/tuesd4y/agent-skills/translate/Gen Agent Trust Hub

translate

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE

COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses git diff to identify modified translation files and grep to search for translation identifiers within the apps/ and libs/ directories. These commands are used for local project navigation and are appropriate for the skill's purpose.
  • [DATA_EXPOSURE & EXFILTRATION]: Accesses local file contents from .xlf, .ts, and .html files to provide context for translations. This access is localized to the project workspace, with no evidence of external network requests or data transmission.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from source files that could potentially contain malicious content.
      • Ingestion points: Reads content from .xlf translation files and source code files (.ts, .html) via grep and file read operations.
      • Boundary markers: None explicitly defined in the prompt to separate untrusted file content from agent instructions.
      • Capability inventory: Includes shell command execution (git, grep) and file write capabilities to update XLF files in Step 5.
      • Sanitization: No explicit sanitization or validation of the translation IDs or source text is described before interpolation into search commands or presentation to the user.
      • Mitigation: A mandatory human-in-the-loop checkpoint ('Wait for user confirmation') is required before any generated content is applied to the codebase.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 06:39 AM