Skills
skills/arman-kudaibergenov/1c-ai-development-kit/meta-remove/Gen Agent Trust Hub

meta-remove

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a PowerShell script (meta-remove.ps1) that performs recursive file and directory deletions (Remove-Item -Recurse -Force) and modifies configuration files on the local system.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its input parameters.
  • Ingestion points: The Object and ConfigDir arguments in SKILL.md.
  • Boundary markers: No delimiters or instructions are used to separate untrusted data from the script logic.
  • Capability inventory: Recursive file deletion and XML modification across the provided directory.
  • Sanitization: The script validates object types against a whitelist but does not sanitize the Object parameter for path traversal sequences (e.g., ..), which could theoretically be exploited to delete files outside the 1C metadata directories if the agent is provided with malicious input.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 10:12 AM