deploying-ui-bundle
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted local project files to drive agent behavior, creating an indirect prompt injection surface. (1) Ingestion points: sfdx-project.json, manifest/package.xml, package.xml, data/data-plan.json, and permission set files. (2) Boundary markers: Absent; no specific delimiters or instructions distinguish data from commands when reading files. (3) Capability inventory: Shell command execution for builds and metadata deployment, permission set assignment, and Anonymous Apex execution for data imports. (4) Sanitization: Absent; the skill does not mention validation or escaping for the content of processed files.
- [COMMAND_EXECUTION]: Executes shell commands for building UI bundles, deploying metadata via the Salesforce CLI, and performing codegen tasks.
- [EXTERNAL_DOWNLOADS]: Instructs the agent to install project dependencies, which involves downloading software packages from external registries like npm or PyPI.
Audit Metadata