image-translator

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface identified in the image translation workflow.\n
  • Ingestion points: The scripts/translate.py script extracts text from user-provided images via Claude's OCR capabilities.\n
  • Boundary markers: The script uses a structured JSON format to pass translations to the Gemini model but lacks robust delimiters or explicit instructions to ignore commands that might be embedded within the extracted text.\n
  • Capability inventory: The skill possesses network access to communicate with AI APIs (Anthropic, OpenAI-compatible, Gemini) and local file system access to read images and write translated outputs.\n
  • Sanitization: There is no evidence of sanitization or filtering of the text extracted from images before it is used as input for the Gemini model's image generation prompt.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 09:16 AM
Security Audit — agent-trust-hub — image-translator