Skills
skills/ywj3493/claude-skills/sync-translations/Gen Agent Trust Hub

sync-translations

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes find and git log commands to list documentation files and audit their commit history to determine if translations are missing or stale. This is legitimate behavior for its stated purpose.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted content from markdown files during the translation process.
  • Ingestion points: English source files located in docs/en/specifications/, docs/en/issue/, and docs/en/policy/ (SKILL.md).
  • Boundary markers: No delimiters or warnings are used when passing the file content to the translation logic (SKILL.md).
  • Capability inventory: The skill has the capability to write files to the docs/ko/ directory (SKILL.md).
  • Sanitization: The skill reads the English source file completely and translates the prose without validating or filtering for embedded instructions (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 01:43 AM