multi-lang-readme
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: CRITICALPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill exhibits an indirect prompt injection surface (Category 8) by reading untrusted project README files and passing them to an LLM for translation without delimiters or instructions to ignore embedded commands. Evidence: Ingestion point is the local README.md; Boundary markers are absent in the translation step; Capabilities include reading and writing local files; Sanitization is absent.
- [Metadata Poisoning] (SAFE): The automated alert for 'README.de.md' is a false positive caused by the scanner misidentifying a German locale filename as a phishing URL.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata