experience-ui-bundle-app-coordinate

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform standard development tasks using shell commands, such as sf template generate ui-bundle, npm install, npx eslint, and various build scripts. These are necessary operations for scaffolding, linting, and building a web application.
  • [PROMPT_INJECTION]: The skill is designed to ingest natural language requests from the user to generate application code and architecture. While this represents a potential surface for indirect prompt injection, it is the core intended functionality of the coordinator skill and is managed through the orchestration of specialized sub-skills.
  • [SAFE]: All identified behaviors, including the use of Salesforce CLI tools and specific Node.js packages like @salesforce/sdk-data, align with the established development patterns of the 'forcedotcom' vendor. No unauthorized data access, persistence mechanisms, or obfuscated code were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 02:29 PM
Security Audit — agent-trust-hub — experience-ui-bundle-app-coordinate