Translate CLI

Advisory

Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a generated command is run with these flags, local files could be overwritten without another prompt.

Why it was flagged

The CLI guide documents file mutation and confirmation-skipping flags. These are relevant to translation workflows but can overwrite user files if used carelessly.

Skill content

`-i, --in-place`: overwrite input file(s) in place ... `-y, --yes`: skip confirmations.

Recommendation

Review commands before running them, use `--dry-run` where possible, and avoid `--in-place --yes` on important files or broad globs unless you have backups.

What this means

API keys may authorize paid provider usage and should be treated as secrets.

Why it was flagged

The skill documents use of provider credentials for OpenAI, Anthropic, and DeepL. This is expected for the stated provider-integration purpose.

Skill content

`openai` ... credential: `OPENAI_API_KEY` (or `--api-key`, or config `providers.openai.api_key`)

Recommendation

Prefer environment variables or trusted local config, avoid pasting real API keys into chat, and scope/rotate keys according to provider guidance.

What this means

Sensitive documents could leave the local machine when using cloud or third-party endpoints.

Why it was flagged

The guide supports cloud and user-specified provider endpoints, so translated text or file contents may be sent to external services as part of normal operation.

Skill content

default base URL: `https://api.openai.com` ... `https://api.anthropic.com` ... `openai-compatible` ... requires both base URL and model

Recommendation

Use local providers such as Ollama or trusted endpoints for sensitive material, and confirm the selected provider/base URL before translating private files.

What this means

Unexpected or untrusted config/prompt files could change provider choice, prompts, or output behavior in later commands.

Why it was flagged

Persistent config and prompt presets can store defaults and prompt templates that influence future translation runs.

Skill content

Default: `~/.config/translate/config.toml` ... `[presets.markdown-custom]` ... `system_prompt_file = "prompts/system.txt"`

Recommendation

Review persistent TOML config and prompt files, especially before using shared presets or translating sensitive content.