configuring-quality-gate

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted user input and interpolates it into shell commands.
      * Ingestion points: User-provided name and rules (thresholds) in SKILL.md.
      * Boundary markers: None present to delimit user input from command structure.
      * Capability inventory: sf api request, sf data create, and sf data update commands in SKILL.md.
      * Sanitization: No escaping or validation of user-provided strings before command execution is specified.
  • [SAFE]: The skill includes mandatory impact previews and requires explicit user confirmation before executing any commands, which mitigates risk.
  • [SAFE]: No hardcoded credentials, malicious remote downloads, or obfuscated code patterns were detected.
  • [SAFE]: The functionality is consistent with the author's identity as a Salesforce-related entity ('forcedotcom') and uses official CLI tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 23, 2026, 08:29 PM