translate
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script at
./tooling/scripts/list-translate-files.shto determine which files require translation based on modification dates. This is a core functionality for the vendor's workflow. - [PROMPT_INJECTION]: The skill processes external MDX content for translation, creating a surface for indirect prompt injection.
- Ingestion points: The agent reads and translates MDX files.
- Boundary markers: There are no explicit delimiters or instructions telling the agent to treat the input content purely as data or to ignore embedded instructions.
- Capability inventory: The agent can execute local shell scripts and write back to the filesystem.
- Sanitization: No sanitization or validation of the input MDX content is performed before processing.
Audit Metadata