Oathe Security Badge

Is lisniuse/llm-translator safe?

https://github.com/lisniuse/llm-translator

64
CAUTION

This skill provides legitimate LLM translation functionality, but it raised critical security concerns: during installation it accessed multiple sensitive credential files, including SSH keys, AWS credentials, and Docker configuration. The core translation code appears benign; the credential access goes far beyond anything such a tool requires.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 0/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 70/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 20/100 · 5%

Findings (5)

CRITICAL Accessed Multiple Sensitive Credential Files -100

During installation, the skill accessed highly sensitive credential files including SSH private keys (/home/oc-exec/.ssh/id_rsa), AWS credentials (/home/oc-exec/.aws/credentials), Docker configuration (/home/oc-exec/.docker/config.json), GCloud credentials, and environment files. This access pattern goes far beyond what a translation tool should require and represents a critical security violation.

MEDIUM Executable Python Scripts with External API Calls -15

The skill contains executable Python scripts (translate.py, batch_translate.py) that make HTTP requests to external LLM APIs. This is expected for a translation service, but any executable code that sends data to a remote endpoint is a potential exfiltration channel, so the endpoints it contacts and the data it sends should be reviewed rather than assumed benign.

HIGH Clone Process Accessed Sensitive Files -30

The git clone process, or installation activity run alongside it, accessed sensitive credential files outside the skill directory. A repository installation should only read and write within its own directory and the interpreter's system paths, so access elsewhere is unexpected.

MEDIUM Canary Files Accessed But Not Modified -10

The installation process accessed canary (honeypot) files planted to detect unauthorized access. The files were not modified, but the access itself shows the installer enumerated or read files it had no reason to touch.

CRITICAL Credential Access Beyond Translation Requirements -80

A legitimate translation tool needs only its own configuration, an API key for the translation backend, and the text to translate. It has no reason to read SSH keys, AWS credentials, Docker configuration, or other system credentials, so this access pattern suggests data collection beyond the skill's stated purpose.
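The three behavioural findings above (credential files opened, access outside the skill directory, and canary files touched but not modified) can all be checked from a syscall trace of the install. The following is an added example, not code from this report or from the lisniuse/llm-translator project: it parses strace-style open/openat lines, classifies each path against a list of credential globs and the skill directory, and compares canary hashes taken before and after the install. The user name /home/oc-exec comes from the report; the skill directory, the glob list, the benign system prefixes, the sample log, and the canary hashes are constructed assumptions.

```python
import fnmatch
import hashlib
import posixpath
import re
from dataclasses import dataclass

# Assumed sandbox layout: the home dir is from the report, the skill dir is a guess.
HOME = "/home/oc-exec"
SKILL_DIR = "/home/oc-exec/skills/llm-translator"

# Credential material a translation tool has no reason to open (assumed list).
SENSITIVE_GLOBS = [
    "~/.ssh/id_*", "~/.aws/credentials", "~/.aws/config",
    "~/.docker/config.json", "~/.config/gcloud/*",
    "~/.kube/config", "~/.git-credentials", "*/.env", "*/.env.*",
]

# Reads the interpreter and loader make on every run; not worth reporting.
BENIGN_PREFIXES = ("/usr/", "/lib/", "/lib64/", "/proc/", "/dev/", "/etc/ld.so.cache")

# Matches `strace -f -e trace=open,openat` lines such as:
#   [pid 4242] openat(AT_FDCWD, "/path", O_RDONLY|O_CLOEXEC) = 3
_OPEN_RE = re.compile(
    r'^(?:\[pid\s+(\d+)\]\s+)?(open|openat)\((?:AT_FDCWD,\s*)?"([^"]+)",\s*([A-Z_0-9|]+)'
)


@dataclass(frozen=True)
class FileEvent:
    pid: int
    path: str
    flags: str


def parse_strace(lines):
    """Extract open/openat calls; other syscalls are ignored."""
    events = []
    for line in lines:
        m = _OPEN_RE.match(line.strip())
        if m:
            pid = int(m.group(1)) if m.group(1) else 0
            events.append(FileEvent(pid, posixpath.normpath(m.group(3)), m.group(4)))
    return events


def is_sensitive(path, home=HOME):
    return any(fnmatch.fnmatch(path, g.replace("~", home, 1)) for g in SENSITIVE_GLOBS)


def classify(path, skill_dir=SKILL_DIR, home=HOME):
    """SENSITIVE wins over location: a .env inside the skill dir is still flagged."""
    if is_sensitive(path, home):
        return "SENSITIVE"
    if path == skill_dir or path.startswith(skill_dir.rstrip("/") + "/"):
        return "IN_SKILL_DIR"
    if path.startswith(BENIGN_PREFIXES):
        return "SYSTEM"
    return "OUTSIDE_SKILL_DIR"


def audit(events, skill_dir=SKILL_DIR, home=HOME):
    """Deduplicated paths per reportable class, in first-seen order."""
    report = {"SENSITIVE": [], "OUTSIDE_SKILL_DIR": []}
    for ev in events:
        cls = classify(ev.path, skill_dir, home)
        if cls in report and ev.path not in report[cls]:
            report[cls].append(ev.path)
    return report


def sha256_file(path):
    """Hash a real file; use it for the baseline/current maps on a live sandbox."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def canary_verdicts(canary_paths, events, baseline, current):
    """Per canary: was it opened during the install, and does its hash still match?"""
    touched = {ev.path for ev in events}
    out = {}
    for p in canary_paths:
        if p not in current:
            state = "missing"
        elif current[p] != baseline.get(p):
            state = "modified"
        else:
            state = "intact"
        out[p] = {"accessed": p in touched, "state": state}
    return out


# Constructed log in strace's shape; it was not captured from the real skill.
SAMPLE_LOG = """
[pid 4242] openat(AT_FDCWD, "/home/oc-exec/skills/llm-translator/translate.py", O_RDONLY|O_CLOEXEC) = 3
[pid 4242] openat(AT_FDCWD, "/usr/lib/python3.11/json/__init__.py", O_RDONLY|O_CLOEXEC) = 4
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/.ssh/id_rsa", O_RDONLY|O_CLOEXEC) = 5
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/.aws/credentials", O_RDONLY|O_CLOEXEC) = 6
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/.docker/config.json", O_RDONLY|O_CLOEXEC) = 7
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/.config/gcloud/application_default_credentials.json", O_RDONLY|O_CLOEXEC) = 8
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/skills/llm-translator/.env", O_RDONLY|O_CLOEXEC) = 9
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/Documents/notes.txt", O_RDONLY|O_CLOEXEC) = 10
[pid 4243] openat(AT_FDCWD, "/home/oc-exec/.ssh/id_rsa", O_RDONLY|O_CLOEXEC) = 11
[pid 4243] close(11) = 0
""".strip().splitlines()

# Canaries planted in the sandbox; the hashes are constructed placeholders,
# standing in for sha256_file() results taken before and after the install.
CANARIES = ["/home/oc-exec/.ssh/id_rsa", "/home/oc-exec/.aws/credentials"]
BASELINE = {p: hashlib.sha256(p.encode()).hexdigest() for p in CANARIES}


def run_sample():
    events = parse_strace(SAMPLE_LOG)
    return audit(events), canary_verdicts(CANARIES, events, BASELINE, dict(BASELINE))
```

On the constructed log this reports five SENSITIVE paths (the SSH key, AWS, Docker and GCloud credentials, and the skill's .env), one OUTSIDE_SKILL_DIR path, and both canaries as accessed but intact, which is the same shape as findings 1, 3 and 4 above. Reading vs. merely opening is not distinguished here: strace `read` lines would be needed for that, and an open with O_RDONLY on a credential file is already reportable.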