translate
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute bundled Python scripts for document management and cleanup tasks.\n
- Evidence: SKILL.md contains logic to execute
python {SKILL_DIR}/scripts/split_md.pyfor file segmenting andpython {SKILL_DIR}/scripts/merge_md.pyfor reassembling translated parts.\n - Evidence: The skill performs maintenance by using
rmto delete temporary files like_glossary.mdand the_parts/directory after processing.\n- [PROMPT_INJECTION]: The skill processes arbitrary user-provided Markdown and text files, creating a surface for indirect prompt injection attacks.\n - Ingestion points: The primary agent reads the full content of source files into its context during the Phase 1 read-through specified in SKILL.md.\n
- Boundary markers: The skill employs a dedicated sub-agent prompt template in
references/subagent-prompt.mdwhich establishes a professional writer persona and provides strict translation-focused constraints to minimize the impact of embedded instructions.\n - Capability inventory: The skill has access to file system read/write tools, shell command execution via Bash, and the ability to delegate tasks to sub-agents.\n
- Sanitization: No explicit content sanitization or instruction-filtering is applied to the input text before it is passed to the translation engine, as the intended functionality requires full document processing.
Audit Metadata