language-injection
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- System Prompt Modification: The skill describes a mechanism for appending language instructions to system prompts based on the Accept-Language header. This is a standard localization technique for LLM agents.
- Input Processing: User-controlled headers are used to determine the language. The implementation relies on internal mapping functions (build_language_instruction), which typically use predefined templates for supported languages, mitigating the risk of arbitrary content injection from the header.
- Separation of Concerns: The use of message_code for backend messages is a security and maintainability best practice, ensuring that translations are managed centrally in the frontend without requiring code changes in the agent logic.
Audit Metadata