connecting-datacloud
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No hardcoded credentials or secrets were found in the skill files.
- Evidence: All JSON templates in the
examples/connections/directory use descriptive placeholders like<SNOWFLAKE_USERNAME>and<AZURE_APP_CLIENT_SECRET>to ensure users do not accidentally include real credentials in the skill definitions. - [COMMAND_EXECUTION]: The skill performs command-line operations using the Salesforce CLI and a local diagnostic script.
- Evidence: Workflows involve
sf data360commands andnode ~/.claude/skills/orchestrating-datacloud/scripts/diagnose-org.mjsfor environment readiness checks. These are standard vendor-provided tools for Data Cloud management. - [PROMPT_INJECTION]: The system instructions are designed with clear task scoping and do not attempt to bypass agent guardrails.
- Evidence: The
SKILL.mdprovides explicit trigger conditions and delegation rules to other skills in the*-datacloudfamily without using adversarial patterns or bypass markers.
Audit Metadata