odoo-i18n
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to assist with Odoo translation workflows. All analyzed scripts (
i18n_converter.py,i18n_extractor.py,i18n_reporter.py, andi18n_validator.py) perform standard file processing and analysis tasks related to translation management without any suspicious or malicious side effects. - [SAFE]: A minor metadata discrepancy exists between the author name in the YAML frontmatter ('TaqaTechno') and the developer context ('ahmed-lakosha'). This is considered a low-risk branding choice and does not indicate a security concern.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it processes untrusted data from an Odoo codebase.
- Ingestion points: Python, XML, and JavaScript source files are read by
i18n_extractor.pyandi18n_validator.pyto identify translatable strings. - Boundary markers: No explicit boundary markers or 'ignore' instructions are used when interpolating extracted strings into the agent's context.
- Capability inventory: The skill has access to
Bash,Read,Write, andEdittools, allowing for significant codebase modification. - Sanitization: The skill mitigates risks associated with bidirectional text attacks by including a specific check in
i18n_validator.pyfor Bidi override characters (e.g., U+202E, U+202D), which are flagged as security issues.
Audit Metadata