using-salesforce-archive
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs read and write operations against Salesforce Archive Connect API endpoints at /platform/data-resilience/archive/. These are legitimate vendor-managed resources. It also retrieves job logs via platform-generated stream URLs. No unauthorized data exfiltration to third-party services was identified.
- [PROMPT_INJECTION]: The skill processes data from external sources, including archived record search results and ArchiveActivity metadata, creating an indirect prompt injection surface. The instructions do not define specific sanitization procedures or boundary markers for the data retrieved from these sources.
- [SAFE]: No evidence of malicious behavior such as prompt injection, obfuscation, or privilege escalation was found. The skill follows standard development practices for Salesforce integrations and correctly identifies required user permissions for each operation.
Audit Metadata