sf-diagram
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to read Salesforce metadata files (.object-meta.xml, .field-meta.xml, .cls, .flow-meta.xml) from the local project directory and transform them into Mermaid diagram code.
- [SAFE]: Tool access is appropriately restricted to necessary operations such as Read, Glob, Grep, and a scoped version of the Salesforce CLI (sf).
- [SAFE]: No evidence of data exfiltration, obfuscation, or unauthorized remote code execution was found. The skill operates on local project files and does not attempt to send data to external domains.
Audit Metadata