Skills
skills/forcedotcom/afv-library/commerce-b2b-open-code-components-replace/Gen Agent Trust Hub

commerce-b2b-open-code-components-replace

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a migration workflow for B2B Commerce components. It reads project metadata to identify components and updates them based on an authoritative local mapping file provided in the skill assets.
  • [COMMAND_EXECUTION]: The skill uses restricted shell commands (grep and ls) for file discovery and to verify the presence of the open-source repository. These operations are scoped to project directories and do not allow arbitrary command execution.
  • [DATA_EXPOSURE]: The skill accesses project configuration (sfdx-project.json) and site metadata (content.json). Access is limited to standard development files necessary for the migration task and does not involve sensitive system credentials, environment variables, or private keys.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 06:20 PM
Security Audit — agent-trust-hub — commerce-b2b-open-code-components-replace