The Agent Skills Directory

[SAFE]: The skill's instructions and scripts were analyzed for all 10 threat categories, and no active malicious patterns were detected.
[COMMAND_EXECUTION]: The skill includes Python scripts (scripts/translate_batch.py and scripts/translate_markdown.py) that perform file read and write operations. These are used to read the source content and save the translated results to the local filesystem.
[DATA_EXFILTRATION]: No network exfiltration patterns or hardcoded credentials were found. The scripts operate entirely on local data.
[PROMPT_INJECTION]: The SKILL.md file contains legitimate instructions for translation tasks and does not include any attempts to bypass safety filters or override system prompts.
[INDIRECT_PROMPT_INJECTION]: The skill is designed to process external, untrusted content (text and files) for translation, which presents a surface for indirect prompt injection.
Ingestion points: Files are read via the translate_file and translate_markdown_file functions in the included scripts.
Boundary markers: SKILL.md instructs the agent to refuse translating sensitive content, but no technical markers or delimiters are used in the prompt interpolation.
Capability inventory: The skill uses Python scripts to perform filesystem I/O (open for reading and writing).
Sanitization: There is no automated sanitization of the input text or validation of file paths within the provided scripts.

translate-en-zh