Skills
skills/forcedotcom/afv-library/dx-devops-test-suite-assignments-configure/Gen Agent Trust Hub

dx-devops-test-suite-assignments-configure

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security vulnerabilities or malicious patterns were detected in the skill's instructions or logic.
  • [COMMAND_EXECUTION]: The skill uses the standard Salesforce CLI (sf) to perform project management tasks. Commands such as sf data query and sf api request rest are used to interact with the user's authenticated Salesforce org. These operations are scoped to the DevOps Center standard object model.
  • [EXTERNAL_DOWNLOADS]: The skill verifies the presence of the @salesforce/plugin-agent. If missing, it provides instructions to install this official Salesforce plugin using the standard sf plugins install command. This is a legitimate dependency for the skill's functionality.
  • [DATA_EXFILTRATION]: All data access is localized to the Salesforce platform via authenticated CLI sessions. There are no indications of data being sent to external or unauthorized third-party domains.
  • [PROMPT_INJECTION]: The skill includes instructions to analyze commit diffs to recommend test suites. While this introduces an indirect prompt injection surface, the logic is highly structured—relying on file extensions and method detection for classification—which minimizes the risk of executing untrusted data as instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 06:20 PM
Security Audit — agent-trust-hub — dx-devops-test-suite-assignments-configure