generating-flow
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, such as prompt injection, data exfiltration, or unauthorized code execution, were identified. The skill's instructions focus on the functional requirements for generating Salesforce XML metadata through an established tool pipeline.
- [COMMAND_EXECUTION]: The skill utilizes the
execute_metadata_actionMCP tool. It mandates a strict sequential execution of three actions (fetchGroundedObjectMetadata,flowElementSelection, andflowElementGeneration) and requires the agent to loop until the task is complete to ensure the generation of valid Salesforce Flow XML. - [DATA_EXPOSURE]: The skill is designed to scan local sfdx project files to extract custom object and field metadata (
inflightMetadata). This data is used as context for the generation tool, which is a standard operation for Salesforce development automation.
Audit Metadata