inspect

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it ingests untrusted data from XML metadata files and outputs it to the agent context.
    • Ingestion points: Multiple PowerShell scripts (e.g., meta-info.ps1, form-info.ps1) read user-provided XML files such as Configuration.xml, Form.xml, and Template.xml.
    • Boundary markers: The tools output structured or tree-like text but do not wrap the content in protective delimiters or provide instructions to the model to ignore natural language instructions embedded within the metadata.
    • Capability inventory: The skill allows for file reading and writing (via the -OutFile parameter) within the agent's filesystem permissions.
    • Sanitization: The scripts extract content from XML nodes like 'Comment' or 'Synonym' and pass it directly to the output without filtering for potentially malicious natural language instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 11:31 PM