dx-devops-test-failures-analyze
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Salesforce CLI (
sf) to query environment data and create records. These operations are performed within the context of the user's authenticated session and modification tasks are protected by a confirmation gate. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes potentially attacker-controlled test failure strings. 1. Ingestion points: External failure payloads are analyzed in
SKILL.mdPart 1 and 2. 2. Boundary markers: The instructions do not specify any delimiters to isolate the external payloads. 3. Capability inventory: The skill has read/write access to the Salesforce org viasf datacommands. 4. Sanitization: No formal input validation or escaping is used beyond simple translation to plain language.
Audit Metadata