building-omnistudio-datamapper
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates within the expected scope of Salesforce metadata development, utilizing official Salesforce CLI (sf) commands and local templates.
- [COMMAND_EXECUTION]: The skill instructs the agent to use standard Salesforce CLI commands for querying and deploying metadata (sf data query, sf project deploy). These operations are authenticated through the user's existing Salesforce sessions and do not pose a risk of arbitrary shell execution.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a data ingestion surface as it reads and reviews existing OmniDataTransform JSON metadata from the local project.
- Ingestion points: Reads existing Data Mapper configurations during the Phase 3 review.
- Boundary markers: None explicitly defined in the review instructions.
- Capability inventory: Shell command execution (sf CLI) and file system access.
- Sanitization: None; metadata content is processed directly as part of the primary skill function.
- [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. All network communication is conducted through official Salesforce CLI tools to the user's configured orgs.
- [PROMPT_INJECTION]: The skill contains negative constraints and mandatory guardrails to prevent the generation of insecure or inefficient configurations. These are legitimate instructional constraints that align with Salesforce development best practices.
Audit Metadata