translate-content
Warn
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (`scripts/language-router.py` and `scripts/brand-voice-scorer.py`) using shell commands that interpolate user-provided text and file paths. This pattern is vulnerable to command injection if the input contains shell metacharacters such as semicolons or backticks.
- [DATA_EXFILTRATION]: The skill accesses brand profiles and guidelines stored in `~/.claude-marketing/` and transmits this information to well-known translation services (DeepL, Google Cloud, Sarvam AI, Lara Translate) to ensure brand voice consistency.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted content for translation without using boundary markers or sanitization.
  - Ingestion points: User-supplied text or file content via the 'Content to translate' input.
  - Boundary markers: None present in the process description.
  - Capability inventory: Execution of subprocesses (Python scripts), reading from the local filesystem (`~/.claude-marketing/`), and making network requests via multiple MCP servers.
  - Sanitization: No sanitization or escaping of the input text is performed before it is processed by the scripts or translation services.
Audit Metadata