dx-code-analyzer-run

Warn

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/describe-rule.js uses child_process.execSync to call the Salesforce CLI. It interpolates the rule-name argument directly into a shell command string within double quotes. Because this input is not sanitized or escaped, it presents a command injection vulnerability if the argument contains shell metacharacters (e.g., "; <command> #).
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external data by running static analysis on project source code and processing the results. Malicious instructions embedded in scanned code (e.g., within comments or metadata) could be propagated through the scan results to the agent's context, leading to indirect prompt injection. The skill mitigates the impact of this risk by requiring explicit user confirmation before executing code modifications.
  • [COMMAND_EXECUTION]: The scripts/list-rules.js script similarly executes shell commands via execSync. While it includes a validateSelector function to check inputs against a whitelist of valid tokens, the underlying pattern of shell interpolation remains a sensitive area compared to using safer execution methods.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 26, 2026, 12:50 PM
Security Audit — agent-trust-hub — dx-code-analyzer-run