1c-test-runner
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly requests the
Bashtool and utilizes specific command-line utilities (/db-load-xml,/db-update) to modify system configurations. - [REMOTE_CODE_EXECUTION]: The skill workflow involves the AI generating BSL (1C) source code modules, writing them to the local filesystem, and then loading and executing that code within the 1C environment via the
1c-ai-debugMCP tools (run_unit_tests,execute_1c_code). This pattern constitutes dynamic code execution. - [PROMPT_INJECTION]: Indirect prompt injection surface (Category 8) identified. The skill ingests natural language requirements from users to generate executable logic without explicit safeguards.
- Ingestion points: User requests for test creation or module verification as defined in the skill's description.
- Boundary markers: Absent. The skill does not define delimiters or specific instructions to isolate user-provided data from the code generation context.
- Capability inventory: File system modification (
Write,Edit), shell execution (Bash), and database configuration updates. - Sanitization: No validation or sanitization of the generated BSL code is performed before it is applied to the system.
Audit Metadata