web-article-translator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection due to its core functionality. Ingestion points: Data is ingested from arbitrary external URLs using the
mcp__web_reader__webReadertool. Boundary markers: The instructions do not define any delimiters or system-level warnings to distinguish between the content to be translated and potential instructions within that content. Capability inventory: The skill has the capability to write files to the local file system (translated-{title}.md). Sanitization: There is no mention of sanitizing or filtering the content retrieved from the web before it is processed by the model.
Audit Metadata