epf-bsp-add-command
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection through data ingestion.
- Ingestion points: Reads 1C source files such as 'ObjectModule.bsl' and form modules via 'Read' and 'Glob' tools.
- Boundary markers: Lacks delimiters or instructions for the agent to ignore potentially malicious content within the analyzed source files.
- Capability inventory: The skill utilizes 'Edit', 'Read', 'Glob', and 'Grep' tools, enabling it to read from and write to the local filesystem.
- Sanitization: User-provided arguments (e.g., Identifier, Representation) are interpolated directly into BSL code templates without validation or escaping, which could lead to malformed code generation if inputs are malicious.
Audit Metadata