db-load-cf
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
powershell.exeto run thedb-load-cf.ps1script and1cv8.exe(1C Enterprise Designer) to update database configurations. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through data ingestion. 1. Ingestion points: Reads project metadata from
.v8-project.jsonand execution results fromload_cf_log.txt. 2. Boundary markers: No explicit delimiters or ignore-instructions are used to wrap data ingested from external files. 3. Capability inventory: The skill can execute shell commands via PowerShell and binary operations via the 1C platform. 4. Sanitization: The PowerShell script uses the-ArgumentListarray inStart-Process, which safely handles parameters and prevents injection into the underlying shell command.
Audit Metadata