experience-ui-bundle-features-generate
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the
@salesforce/ui-bundle-featuresCLI tool, which is a verified package from the vendor (Salesforce/forcedotcom). All operations described (listing, describing, and installing features) are standard development workflows within the Salesforce ecosystem. - [COMMAND_EXECUTION]: The skill requires the execution of
npxcommands. This is used exclusively for the vendor's feature-management CLI and does not involve arbitrary or malicious command execution. - [DATA_EXPOSURE]: File operations are limited to the project's source directory (
src/) for feature integration. There are no attempts to access sensitive system directories, environment variables, or credentials. - [PROMPT_INJECTION]: The skill involves reading integration patterns from
__example__files provided by the CLI. While this represents a data ingestion surface, the source is a trusted vendor tool, and the instructions are limited to pattern application within the project scope.
Audit Metadata