erf-build
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
powershell.exeto run a script located at.claude/skills/epf-build/scripts/epf-build.ps1. It uses dynamic arguments derived from local configuration and user input. - [CREDENTIALS_UNSAFE]: The skill manages database authentication by accepting
-UserNameand-Passwordparameters. The provided examples show passwords being passed as plaintext command-line arguments, which can result in exposure through system process monitoring tools or shell history. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the
.v8-project.jsonfile. - Ingestion points: Reads configuration values such as
v8pathand database connection parameters from.v8-project.jsonin the project root. - Boundary markers: No markers or instructions are present to prevent the agent from interpreting malicious content within the JSON file as commands.
- Capability inventory: The skill has the capability to execute PowerShell commands, search the filesystem for executables, and interact with 1C databases.
- Sanitization: There is no evidence of validation or sanitization for the paths or parameters extracted from the configuration file before they are used in command construction.
Audit Metadata