1c-feature-dev
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the
Bashtool to perform implementation tasks, which allows for the execution of arbitrary system commands. While intended for 1C development, this capability requires oversight to prevent misuse. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external codebase content to drive its logic.
- Ingestion points: Phase 2 uses
Grep,Glob, andmetadatasearchto ingest content from the 1C codebase, while Phase 0 ingests user-provided arguments. - Boundary markers: The skill lacks explicit markers or instructions to treat analyzed code as passive data, increasing the risk that embedded instructions in the codebase could be followed by the agent.
- Capability inventory: The skill possesses high-impact capabilities including file system modification (
Write,Edit), system command execution (Bash), and the ability to delegate work to sub-agents (Task). - Sanitization: There is no evidence of sanitization or validation of the content retrieved from the codebase before it is incorporated into the architecture planning in Phase 4.
Audit Metadata