Skills
skills/arman-kudaibergenov/1c-ai-development-kit/erf-dump/Gen Agent Trust Hub

erf-dump

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute powershell.exe with a specific script (epf-dump.ps1) to perform file decompilation tasks.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive database connection information, including usernames and passwords, which are passed as command-line arguments to the local script.
  • [PROMPT_INJECTION]: The skill processes external data from files like .v8-project.json and user-specified report files, creating an indirect prompt injection surface. Ingestion points: .v8-project.json and ErfFile (SKILL.md). Boundary markers: None identified in the provided instructions. Capability inventory: Command execution via powershell.exe and file system access via Read and Bash tools. Sanitization: No explicit validation or sanitization of input variables is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 08:36 AM