Skills
skills/arman-kudaibergenov/1c-ai-development-kit/form-info/Gen Agent Trust Hub

form-info

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from external XML files and presents it to the agent without sanitization or boundary markers.
  • Ingestion points: The script scripts/form-info.ps1 reads the file specified in the -FormPath argument.
  • Boundary markers: Absent. The output uses simple text headers (e.g., Elements:, Attributes:) but does not include explicit delimiters or instructions for the agent to ignore potential commands embedded within the XML content.
  • Capability inventory: The agent has access to Bash, Read, and Glob tools, which could be misused if the agent is manipulated by instructions hidden in a malicious Form.xml file.
  • Sanitization: None. The script extracts text from XML nodes (like Titles or Names) and outputs them directly to the console via Write-Host.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 08:35 AM