translate
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local bash script to identify files needing translation.
- Evidence: The command syntax
./tooling/scripts/list-translate-files.sh [days]is documented in the SKILL.md file. - Context: This is used to calculate the time elapsed since the last document modification.
- [PROMPT_INJECTION]: The skill processes MDX and JSX content, creating a surface for indirect prompt injection.
- Ingestion points: Content provided for translation in the MDX format.
- Boundary markers: No explicit security boundary markers or 'ignore embedded instructions' warnings are used when interpolating content.
- Capability inventory: The agent has the ability to execute shell commands (specifically the
list-translate-files.shscript). - Sanitization: No sanitization or validation of the input MDX content is described before processing.
Audit Metadata