The Agent Skills Directory

[SAFE]: The skill is developed by a trusted vendor and follows secure practices, such as using parameterized queries and escaping inputs to prevent SQL injection within the deployed Apex service.- [COMMAND_EXECUTION]: The skill uses standard shell commands and the Salesforce CLI (sf) to manage project metadata and interact with the Salesforce platform. All commands are consistent with the documented purpose of agent observability and development.- [DATA_EXFILTRATION]: Trace data and session variables are queried from Data Cloud for diagnostic purposes. This information is processed locally or within the Salesforce org, with no evidence of transmission to unauthorized external domains.- [REMOTE_CODE_EXECUTION]: The skill includes a local Apex class (AgentforceOptimizeService.cls) that is deployed to the user's org. This code is bundled with the skill and is required for querying the Session Trace Data Model; it does not download or execute code from untrusted remote sources.- [PROMPT_INJECTION]: The skill does not attempt to override agent safety protocols. Instead, it provides tools for developers to identify prompt injection and other safety regressions in their agents during the analysis and reproduction phases.

observing-agentforce