experience-ui-bundle-salesforce-data-access
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes official Salesforce development packages, including @salesforce/platform-sdk and @salesforce/graphiti. These are vendor-provided resources and their usage aligns with the skill's stated purpose of managing Salesforce data access.
- [DATA_EXFILTRATION]: Network operations are conducted through the sdk.fetch and sdk.graphql methods, which are directed at authorized Salesforce API endpoints (e.g., /services/data/, /services/apexrest/). No patterns of data exfiltration to unauthorized or suspicious external domains were identified.
- [COMMAND_EXECUTION]: The skill includes a local bash script (scripts/graphql-search.sh) and provides numerous CLI command examples for the graphiti tool. The bash script is restricted to local file system operations using grep and awk to search schema definitions. All command examples are standard development tasks and do not involve risky behaviors like piping remote content into a shell.
- [SAFE]: File system access is limited to project-related configuration files such as schema.graphql and package.json. There is no evidence of the skill attempting to access sensitive system files, user credentials, or SSH keys.
- [PROMPT_INJECTION]: The instructions focus strictly on data access workflows and do not contain patterns typical of prompt injection, such as attempts to bypass safety filters or override agent behavior.
Audit Metadata