Localization Readiness Audit

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a read-only localization audit skill with clear boundaries and no evidence of hidden execution, persistence, credential use, or destructive behavior.

Install this only if you want an internal draft localization readiness review. Expect to provide project and localization details, but avoid sharing secrets, customer data, or unnecessary unreleased content. Treat the output as a draft for product, engineering, globalization, and legal review rather than a final launch or compliance decision.

SkillSpector (1)

By NVIDIA

Unbounded Output

Medium

Category: Output Handling
Content: - Pseudolocalization enabled in CI for at least one build that exercises the full UI - Expansion budget known (rule of thumb: short strings can grow 100–300%, German typically 30%, Russian 30–50%, Japanese can compress to 60%) - No fixed-width / fixed-height containers around translated text without overflow handling - No truncation that hides essential meaning (especially for verbs, prices, error messages) - Text-baseline alignment respects taller scripts (Devanagari, Thai, Arabic) — line-height not pinned to Latin x-height - Font stack covers target scripts (CJK, Arabic, Cyrillic, Devanagari, Thai, …) and fallbacks tested - Variable fonts / web-font subsets serve the right script
Confidence: 60% confidence
Finding: No truncation

Static analysis

No static analysis findings were reported for this release.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal