flutter-localization

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates fetching translation data from Google Sheets, which is a well-known and reputable service.
  • [COMMAND_EXECUTION]: Instructions describe the use of flutter pub run sheet_loader_localization:main to synchronize local localization files with remote data, a common practice in Flutter development.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface as it processes external content from Google Sheets into the application.
  • Ingestion points: External Google Sheets (referenced in references/sheet-loader.md).
  • Boundary markers: Not specified for the content of translation files.
  • Capability inventory: Subprocess execution via the Flutter CLI (flutter pub run).
  • Sanitization: No explicit sanitization or filtering of translation data is documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 07:21 AM
Security Audit — agent-trust-hub — flutter-localization