commerce-b2b-store-create
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's interactive workflow interpolates user-provided input (the selected store name) directly into a shell command (`sf project retrieve start -m DigitalExperienceBundle:site/<selected-store-name> --json`). This pattern creates a potential vulnerability surface for command injection if an attacker provides a maliciously crafted store name containing shell metacharacters (e.g., semicolons or pipes).
- Ingestion points: User-supplied store name input in Step 3 and site selection in Step 5 of SKILL.md.
- Boundary markers: No shell-level delimiters or escaping mechanisms are applied to the user input before it is placed into the command string.
- Capability inventory: The skill has the capability to execute Salesforce CLI commands (`sf`) which interact with the local filesystem and the connected Salesforce organization.
- Sanitization: The instructions ask the agent to "validate" the input format, but there is no technical enforcement or programmatic sanitization to ensure the input is safe for shell execution.
Audit Metadata