investigating-agentforce-d360

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill interacts with the Salesforce sf CLI using subprocess.run to manage authentication and retrieve organization metadata (scripts/dc.py, scripts/fetch_dc.py).
      • Arguments are passed as lists to prevent shell injection.
      • User-supplied inputs such as organization aliases are used within defined CLI flags.
  • [DATA_EXFILTRATION]: The skill retrieves session logs and conversation transcripts from Salesforce Data Cloud and writes them to local JSON and Markdown files (scripts/storage.py, scripts/fetch_dc.py).
      • This behavior is consistent with the skill's stated purpose of session investigation.
      • Network requests are directed to the authenticated Salesforce instance URL obtained from the official CLI.
  • [SAFE]: The skill implements a centralized validation framework (scripts/_shared/fs_guard.py and scripts/_shared/paths.py) that uses anchored regular expressions to sanitize all session IDs, API names, and organization IDs.
      • This prevents path traversal vulnerabilities by ensuring all components of a filesystem path are strictly validated before use.
      • The skill is authored by 'forcedotcom' (Salesforce), and its resource patterns align with the vendor's legitimate infrastructure.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 19, 2026, 01:37 PM
Security Audit — agent-trust-hub — investigating-agentforce-d360