Skills
skills/arman-kudaibergenov/1c-ai-development-kit/cf-validate/Gen Agent Trust Hub

cf-validate

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a PowerShell script (scripts/cf-validate.ps1) to perform XML validation using standard system libraries and does not download external code at runtime.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by reflecting values from processed XML files into tool output.
  • Ingestion points: The script reads configuration data from the path specified in the ConfigPath argument via [System.Xml.XmlDocument].
  • Boundary markers: No explicit delimiters or instructions are used to distinguish untrusted XML content from the tool's own reporting.
  • Capability inventory: The skill is capable of reading local files and writing results to a path specified by the user-provided OutFile parameter.
  • Sanitization: The script does not sanitize or escape text extracted from the XML (e.g., the Name property) before including it in the console output.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 08:35 AM