image-translator
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface identified in the image translation workflow.\n
- Ingestion points: The
scripts/translate.pyscript extracts text from user-provided images via Claude's OCR capabilities.\n - Boundary markers: The script uses a structured JSON format to pass translations to the Gemini model but lacks robust delimiters or explicit instructions to ignore commands that might be embedded within the extracted text.\n
- Capability inventory: The skill possesses network access to communicate with AI APIs (Anthropic, OpenAI-compatible, Gemini) and local file system access to read images and write translated outputs.\n
- Sanitization: There is no evidence of sanitization or filtering of the text extracted from images before it is used as input for the Gemini model's image generation prompt.
Audit Metadata