Skills
skills/arman-kudaibergenov/1c-ai-development-kit/cfe-diff/Gen Agent Trust Hub

cfe-diff

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and outputs content from 1C source code (.bsl) and XML configuration files. A malicious file could include instructions intended to trick the agent's analysis.
  • Ingestion points: Files are read from paths specified in the $ExtensionPath and $ConfigPath parameters within the scripts/cfe-diff.ps1 script.
  • Boundary markers: The output does not utilize specific delimiters or instructions to prevent the agent from following directives found within the analyzed code.
  • Capability inventory: The skill's capabilities are restricted to reading local files and displaying data; it cannot write files, access the network, or execute arbitrary system commands.
  • Sanitization: Content from external files is printed directly without validation or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 10:28 AM