data360-segment
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs shell command execution using the Salesforce CLI (`sf`) and a local Node.js diagnostic script (`node ../data360-orchestrate/scripts/diagnose-org.mjs`). These commands are essential for listing, creating, and publishing segments within Salesforce Data Cloud.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data from Salesforce Data Cloud, which could potentially contain malicious instructions.
  - Ingestion points: Results from SQL queries (`sf data360 query sql`) and segment metadata (`sf data360 segment list`) as described in `SKILL.md` are loaded into the agent's context from external Salesforce orgs.
  - Boundary markers: The instructions in `SKILL.md` lack boundary markers or specific guidance for the agent to distinguish between data and instructions when processing external output.
  - Capability inventory: The skill possesses the ability to execute shell commands and interact with the local filesystem as defined in `SKILL.md`.
  - Sanitization: No sanitization or validation logic is defined in `SKILL.md` for the data retrieved from external sources before it is processed by the agent.
Audit Metadata