saccoai-multilingual
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
npm install next-intlduring Phase 2 to set up the internationalization framework. This is an expected operation using a well-known library for Next.js applications. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it extracts and processes text content from the project's source code for translation. 1. Ingestion points:
src/data/*.ts, JSX text nodes, metadata, UI strings, and Alt text (Phase 1). 2. Boundary markers: Absent. No specific delimiters are used to wrap the extracted text or warn the translation agent about potentially malicious content. 3. Capability inventory: The skill performs package installations and has extensive file system access to modify components, middleware, and project configuration. 4. Sanitization: Absent. The skill relies on the AI to return valid JSON but does not sanitize the input strings for instructions that could influence the translation agent's behavior.
Audit Metadata