experience-ui-bundle-features-generate

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill utilizes the @salesforce/ui-bundle-features CLI tool, which is a verified package from the vendor (Salesforce/forcedotcom). All operations described (listing, describing, and installing features) are standard development workflows within the Salesforce ecosystem.
  • [COMMAND_EXECUTION]: The skill requires the execution of npx commands. This is used exclusively for the vendor's feature-management CLI and does not involve arbitrary or malicious command execution.
  • [DATA_EXPOSURE]: File operations are limited to the project's source directory (src/) for feature integration. There are no attempts to access sensitive system directories, environment variables, or credentials.
  • [PROMPT_INJECTION]: The skill involves reading integration patterns from __example__ files provided by the CLI. While this represents a data ingestion surface, the source is a trusted vendor tool, and the instructions are limited to pattern application within the project scope.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:16 PM
Security Audit — agent-trust-hub — experience-ui-bundle-features-generate