mxl-expert
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is a legitimate developer tool designed for the 1C:Enterprise ecosystem. It automates common metadata management tasks like adding or removing templates and compiling/decompiling spreadsheet layouts.
- [COMMAND_EXECUTION]: The skill utilizes local PowerShell scripts to perform complex XML and JSON transformations. These scripts are invoked with the -NoProfile flag and are used solely for processing project files within the user's workspace. No arbitrary or remote command execution was detected.
- [DATA_EXFILTRATION]: There is no evidence of network activity, credential harvesting, or access to sensitive system paths. The scripts focus exclusively on 1C-specific files (Template.xml, JSON definitions) within the project's source directory.
- [PROMPT_INJECTION]: While the skill processes external data (XML/JSON), it does so using standard structured parsers. It does not contain instructions that attempt to override the agent's safety guidelines or core behavior. The processing of user-supplied data follows predictable transformation logic without executing the content.
Audit Metadata