agentforce-architecture-analyze

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is authored by forcedotcom and facilitates legitimate Salesforce metadata analysis using established tools.
  • [COMMAND_EXECUTION]: The skill executes sf CLI subcommands using subprocess.run without a shell. Input validation is enforced at multiple layers using fs_guard.py, which utilizes regular expressions to restrict identifiers to alphanumeric characters and underscores, effectively preventing command and SOQL injection.
  • [CREDENTIALS_UNSAFE]: The skill manages Salesforce access tokens securely. It includes specific logic in rest_client.py and write_emit_ctx.py to redact tokens from error messages and logs. It also features a custom HTTP redirect handler that strips the Authorization header when a request is redirected to a different hostname, preventing credential leakage.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with official Salesforce API domains (salesforce.com) to retrieve metadata related to the agent architecture.
  • [PROMPT_INJECTION]: Instructions within SKILL.md are focused on operational triggers and do not attempt to override agent safety protocols or extract system prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 26, 2026, 01:15 PM