1c-feature-dev
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
git diff --statin Phase 8 to provide a summary of modified files to the user. - [DATA_EXPOSURE]: The skill references a specific local file path
~/.claude/rules/1c-rules.mdin Phase 7 to provide context for the code review agent. This is used for rule-based validation and does not target sensitive system credentials. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting untrusted data from the existing 1C codebase and user-provided arguments.
- Ingestion points: User-provided task descriptions via
$ARGUMENTS(SKILL.md, Phase 0/1) and existing source code files during the discovery phase (SKILL.md, Phase 2). - Boundary markers: No explicit delimiters or "ignore embedded instructions" warnings are used when processing external content.
- Capability inventory: The skill possesses file-writing capabilities (via
1c-code-writer), file-reading capabilities (via1c-code-explorer), and basic shell command execution (git diff). - Sanitization: No sanitization or validation logic is implemented for the data retrieved from the codebase or user input before it is passed to sub-agents.
Audit Metadata