data360-activate
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Salesforce CLI (
sf data360) to list, create, and inspect activation targets, platforms, and data actions within a Salesforce org. - [COMMAND_EXECUTION]: Executes a local Node.js diagnostic script (
diagnose-org.mjs) vianodeto check the readiness of the environment before performing operations. - [REMOTE_CODE_EXECUTION]: Identifies a dependency on an external community Salesforce CLI plugin (
sf data360). While the skill requires this plugin to function, it does not include commands to automatically download or execute remote installation scripts. - [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external JSON definition files (e.g.,
target.json,activation.json) to create resources. While this represents a data ingestion surface, the operations are performed using standard CLI tools against a user-specified Salesforce org alias.
Audit Metadata