applying-slds
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the @salesforce-ux/slds-linter package via npx for validation tasks. As the author is forcedotcom (Salesforce) and the tool is an official Salesforce-UX package, this is a trusted vendor dependency.
- [COMMAND_EXECUTION]: The instructions involve executing local Node.js scripts for metadata lookup and the npx linter for code validation. These operations are limited to the skill's own knowledge base and the user's project files, which is necessary for its primary purpose.
- [PROMPT_INJECTION]: The skill ingests user component code as a target for linting. While this is an ingestion point for untrusted data, the risk is mitigated by using a deterministic validation tool rather than open-ended prompt processing. This behavior is standard for developer-oriented AI skills.
Audit Metadata