erf-validate

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local PowerShell script .claude/skills/epf-validate/scripts/epf-validate.ps1 to perform structural validation of XML files. This is the primary intended function of the skill.
  • [PROMPT_INJECTION]: There is an indirect prompt injection surface as the skill processes external XML source files that could contain embedded instructions.
      • Ingestion points: XML source files of 1C reports (ERF) provided via the ObjectPath parameter.
      • Boundary markers: No specific boundary markers or instructions to ignore embedded content are present in the command definition.
      • Capability inventory: The skill utilizes Bash, Read, and Glob tools, and executes PowerShell commands.
      • Sanitization: There is no evidence of sanitization for the content read from the XML files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 08:35 AM