Skills
skills/forcedotcom/afv-library/switching-org/Gen Agent Trust Hub

switching-org

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Salesforce CLI (sf) to execute commands such as sf org list, sf config set, and sf config get. These operations are standard for managing Salesforce project environments and do not involve high-privilege system modifications.
  • [PROMPT_INJECTION]: The skill accepts user-provided input for the orgIdentifier variable, which is interpolated into shell commands. This creates a surface for indirect prompt injection if the input is not sanitized by the executing agent.
  • Ingestion points: orgIdentifier parameter in SKILL.md.
  • Boundary markers: Absent; the input is placed directly into the command string.
  • Capability inventory: Shell command execution via sf CLI (SKILL.md).
  • Sanitization: Absent; the instructions do not specify validation for the alias or username format.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 12:59 AM
Security Audit — agent-trust-hub — switching-org