uapi-post-ai-translate

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill serves as documentation for an external translation API. No malicious behaviors, obfuscation, or unauthorized access patterns were identified. Findings related to network access and API key usage are consistent with the skill's stated purpose and follow security best practices by advising users to manage their own keys.- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by ingesting and processing untrusted text for translation.\n
  • Ingestion points: The request body for POST /ai/translate in references/operations/post-ai-translate.md.\n
  • Boundary markers: Not documented; the system lacks specific instructions to differentiate between input text and agent commands.\n
  • Capability inventory: The skill performs network POST requests to the vendor's API endpoint.\n
  • Sanitization: No specific input sanitization or safety filtering for the text being translated is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 06:42 AM
Security Audit — agent-trust-hub — uapi-post-ai-translate