dx-org-manage
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute Salesforce CLI commands. It constructs these commands by interpolating user-provided values such as org aliases, snapshot names, and file paths (e.g., `sf org create snapshot --source-org <orgId-or-alias> --name <SnapshotName>`).
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes untrusted user data and uses it to parameterize shell commands. This is a common pattern for skills that wrap CLI tools.
- [SAFE]: The skill's behavior is consistent with its stated purpose and metadata. The author 'forcedotcom' is the legitimate organization for Salesforce, and the use of the `sf` CLI is expected.
- [SAFE]: Writing command outputs to a local directory (`force-app/main/adk-eval-output/`) is a benign feature intended for integration with Salesforce evaluation and testing frameworks.
Audit Metadata