skills/hungv47/meta-skills/polish-vn/Gen Agent Trust Hub

polish-vn

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security vulnerabilities or malicious patterns were identified in the skill. It is designed for linguistic processing and follows clear procedural rules.
  • [COMMAND_EXECUTION]: The skill includes several TypeScript utility scripts (e.g., manifest-sync.ts, scaffold-eval-loop.ts) designed to run in the Bun environment. These scripts perform local file operations such as creating directories and writing JSON/TSV metadata. They include robust security checks, such as using realpathSync to prevent path traversal and explicitly refusing to follow symbolic links (lstatSync(path).isSymbolicLink()) to protect against link-based attacks.
  • [PROMPT_INJECTION]: The agent instruction files focus on register calibration and translation artifact detection. They do not contain any instructions that attempt to bypass safety guidelines or override the agent's core programming.
  • [DATA_EXFILTRATION]: All file operations are restricted to the local project directories (docs/forsvn and .forsvn). There are no network requests to untrusted external domains for data exfiltration.
  • [SAFE]: The skill process involves analyzing user-provided Vietnamese text. It mitigates potential indirect prompt injection by enforcing strict meaning preservation rules and using a critic agent to verify the output against the original source.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 07:24 AM
Security Audit — agent-trust-hub — polish-vn