db-load-xml
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The PowerShell script
db-load-xml.ps1accepts a-Passwordparameter and logs the entire command line (including the plaintext password) to the console usingWrite-Host "Running: 1cv8.exe $($arguments -join ' ')". This behavior leads to the exposure of sensitive credentials in the agent's log history. - [COMMAND_EXECUTION]: The skill facilitates the execution of
1cv8.exein designer mode with administrative privileges to replace or modify database configurations. This capability allows for significant changes to the local environment and application data. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by reading configuration data from
.v8-project.jsonand file paths from$ListFileor$Filesto build arguments for a system-level process. - Ingestion points: Reads the
.v8-project.jsonconfiguration file (referenced inSKILL.md) and external file lists provided via parameters inscripts/db-load-xml.ps1. - Boundary markers: Absent. There are no instructions or logic to delimit or ignore potentially malicious content within the ingested configuration files.
- Capability inventory: Execution of the 1C:Enterprise Designer executable via
Start-Processand the ability to write to the local file system (creation of temporary log and list files). - Sanitization: Absent. Data retrieved from the configuration files and parameters is used directly to construct the argument list for the subprocess without escaping or validation.
Audit Metadata