data360-harmonize

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands using the Salesforce CLI (sf data360) to list, describe, and manage Data Model Objects (DMOs) and Identity Resolution rulesets.
  • [COMMAND_EXECUTION]: The skill runs a local Node.js script located in a sibling directory (../data360-orchestrate/scripts/diagnose-org.mjs) to perform environment readiness checks.
  • [EXTERNAL_DOWNLOADS]: The skill requires an external Salesforce CLI plugin (sf data360). As this skill is provided by the vendor (forcedotcom), this dependency is considered a standard part of the vendor's toolchain.
  • [DATA_EXPOSURE]: The skill interacts with organization metadata and schemas. However, it does not exfiltrate this data to external third-party domains and operates within the authenticated context of the user's Salesforce environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:15 PM
Security Audit — agent-trust-hub — data360-harmonize