meta-info

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a PowerShell script via the command line with parameters provided by the agent. This creates a risk of command injection if the agent interpolates user input (such as file paths) into the shell command without proper escaping.
  • [DATA_EXFILTRATION]: The script has broad file system access. It can read any XML file and write output to any path using the -OutFile parameter. If misdirected, this could be used to expose sensitive local data or corrupt files.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection when processing untrusted XML files.
      1. Ingestion points: XML data is ingested from files at paths specified by the user in scripts/meta-info.ps1.
      2. Boundary markers: Absent. Extracted data is written to the console with no markers to prevent the agent from interpreting the content as instructions.
      3. Capability inventory: The script allows reading files and writing to the local filesystem.
      4. Sanitization: Absent. Values from the XML are displayed as-is without validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 08:35 AM