dx-devops-test-failures-analyze
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from test failure and Code Analyzer violation payloads.
- Ingestion points: SKILL.md describes parsing failure payloads; references/failure-categories.md outlines patterns extracted from these payloads.
- Boundary markers: No explicit delimiters or instructions are provided to the model to ignore potential malicious commands within the external data.
- Capability inventory: The skill has access to shell commands via the Salesforce CLI (sf), including sf data query and sf data create record in references/prerequisite-checks.md and references/work-item-creation.md.
- Sanitization: No explicit sanitization or validation of the payload content is performed before it is used to generate summaries or populate work item fields.
- [COMMAND_EXECUTION]: The skill executes shell commands using the Salesforce CLI to interact with the environment and manage records.
- Evidence: Use of sf data query, sf data create record, sf org list, and sf plugins across references/prerequisite-checks.md and references/work-item-creation.md to perform environment validation and data operations.
Audit Metadata