registry  /  i18ntk  /  5.0.0

i18ntk@5.0.0

i18n Tool Kit - Zero-dependency internationalization toolkit for setup, scanning, analysis, validation, auto translation, fixing, reporting, and runtime translation loading.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. No install-time attack surface was found. The explicit `skills` CLI command can install this package's bundled agent skill into configured personal or project agent-skill directories.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs the `skills` command, optionally with agent and scope flags.
Impact
Modifies selected AI-agent skill directories or executes a user-selected local translator module.
Mechanism
Explicit first-party agent-skill installation and user-selected custom translator loading.
Rationale
Source inspection found explicit user-command agent-skill installation and dynamic loading of a user-designated translator, but no install-time execution, credential harvesting, exfiltration, remote payload execution, or destructive persistence. Per policy, the first-party agent-extension setup warrants a warning rather than a block.
Evidence
package.jsonmain/manage/index.jsmain/manage/commands/SkillsCommand.jsutils/skill-installer.jsmain/i18ntk-translate.jsutils/translate/safe-network.jsskills/i18ntk/SKILL.mdskills/i18ntk/agents/openai.yaml~/.codex/skills/i18ntk~/.claude/skills/i18ntk~/.copilot/skills/i18ntk~/.agents/skills/i18ntk

Decision evidence

public snapshot
AI called this Suspicious at 89.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `utils/skill-installer.js` can copy bundled skills into Codex, Claude, Copilot, and shared agent skill directories.
  • `main/manage/commands/SkillsCommand.js` performs those writes when the user explicitly runs the `skills` command; noninteractive flags can select targets.
  • `main/i18ntk-translate.js` dynamically requires a user-supplied `--translate-fn` module after path validation.
Evidence against
  • `package.json` contains no preinstall, install, postinstall, prepare, or other lifecycle hook.
  • `SkillsCommand` prompts for destination selection and confirmation in interactive mode; it installs only package-owned `skills/i18ntk` content.
  • `utils/translate/safe-network.js` restricts translation requests to HTTPS allowlisted provider hosts and paths by default.
  • Entrypoints invoke CLI behavior only behind `require.main === module`; no import-time payload execution found.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 108 file(s), 1.61 MB of source, external domains: api-free.deepl.com, i18ntk.dev, libretranslate.com, translate.googleapis.com

Source & flagged code

2 flagged · loading source
settings/settings-cli.jsView file
6L7: const cliHelper = require('../utils/cli-helper'); L8: const fs = require('fs');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

settings/settings-cli.jsView on unpkg · L6
main/i18ntk-scanner.jsView file
matchType = previous_version_dangerous_delta matchedPackage = i18ntk@4.6.1 matchedIdentity = npm:aTE4bnRr:4.6.1 similarity = 0.724 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

main/i18ntk-scanner.jsView on unpkg

Findings

1 High3 Medium4 Low
HighPrevious Version Dangerous Deltamain/i18ntk-scanner.js
MediumDynamic Requiresettings/settings-cli.js
MediumNetwork
MediumEnvironment Vars
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License