data360-activate

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the sf CLI with the data360 plugin to list and create activations and targets. This is standard functionality for the Salesforce Data Cloud context.
  • Evidence: sf data360 activation list in SKILL.md.
  • [COMMAND_EXECUTION]: The skill runs a local Node.js script to perform organization diagnostics.
  • Evidence: node ../data360-orchestrate/scripts/diagnose-org.mjs in SKILL.md.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it reads user-provided JSON files to configure activation assets.
  • Ingestion points: target.json, activation.json, and action.json in SKILL.md.
  • Boundary markers: Absent.
  • Capability inventory: Subprocess execution via sf CLI and node in SKILL.md.
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:15 PM
Security Audit — agent-trust-hub — data360-activate