connecting-datacloud

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: No hardcoded credentials or secrets were found in the skill files.
  • Evidence: All JSON templates in the examples/connections/ directory use descriptive placeholders like <SNOWFLAKE_USERNAME> and <AZURE_APP_CLIENT_SECRET> to ensure users do not accidentally include real credentials in the skill definitions.
  • [COMMAND_EXECUTION]: The skill performs command-line operations using the Salesforce CLI and a local diagnostic script.
  • Evidence: Workflows involve sf data360 commands and node ~/.claude/skills/orchestrating-datacloud/scripts/diagnose-org.mjs for environment readiness checks. These are standard vendor-provided tools for Data Cloud management.
  • [PROMPT_INJECTION]: The system instructions are designed with clear task scoping and do not attempt to bypass agent guardrails.
  • Evidence: The SKILL.md provides explicit trigger conditions and delegation rules to other skills in the *-datacloud family without using adversarial patterns or bypass markers.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 02:37 PM
Security Audit — agent-trust-hub — connecting-datacloud