platform-sharing-rules-generate
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the sf (Salesforce CLI) command-line tool to retrieve metadata from a target environment. This is standard behavior for managing Salesforce project resources and aligns with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface because it reads and processes data from external sources such as existing project metadata and live environment query results.
- Ingestion points: Reads content from local <ObjectName>.sharingRules-meta.xml files and results from SOQL database queries (e.g., fetching community nicknames).
- Boundary markers: No explicit delimiters or 'ignore' instructions are defined to separate the ingested metadata from the agent's internal logic.
- Capability inventory: The skill has the capability to write files to the local project directory and execute shell commands via the Salesforce CLI.
- Sanitization: There is no evidence of sanitization or filtering of the retrieved data before it is interpolated into the workflow for generating new metadata.
Audit Metadata