db-dump-xml
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The PowerShell script uses
Start-Processto execute the 1C platform binary. The path to this executable (V8Path) can be dynamically provided through the-V8Pathparameter or read from a.v8-project.jsonfile, allowing for the execution of arbitrary binaries if the path is manipulated. - [CREDENTIALS_UNSAFE]: The skill explicitly handles sensitive database credentials, including
-UserNameand-Password. These are passed as command-line arguments to the PowerShell script, which can result in exposure through process monitoring logs or history files. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its reliance on the
.v8-project.jsonconfiguration file. - Ingestion points: The skill is instructed to read
v8pathand database connection aliases from.v8-project.jsonin the root of the project. - Boundary markers: There are no boundary markers or validation steps to ensure the configuration file has not been tampered with by an external actor.
- Capability inventory: The skill has the capability to execute system commands via the Bash tool and specifically triggers a PowerShell script that spawns new processes.
- Sanitization: While the script checks for the existence of the file path using
Test-Path, it does not verify the signature or origin of the executable it runs.
Audit Metadata