Skills
skills/forcedotcom/sf-skills/generating-flexipage/Gen Agent Trust Hub

generating-flexipage

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill exclusively utilizes official Salesforce CLI tools (sf) and standard metadata patterns for Salesforce development. All operations remain within the vendor's documented ecosystem.
  • [EXTERNAL_DOWNLOADS]: The skill includes instructions to install the templates plugin for the Salesforce CLI (sf plugins install templates). This is a standard, official extension provided by the vendor (Salesforce) for metadata generation.
  • [COMMAND_EXECUTION]: The agent is instructed to execute CLI commands for template generation and deployment validation (sf template generate, sf project deploy). These commands are scoped to project files and use official tooling.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it reads and parses existing Salesforce FlexiPage XML files to extract identifiers and regions.
  • Ingestion points: Reading *.flexipage-meta.xml files from the local filesystem.
  • Boundary markers: Absent; no specific delimiters are defined for reading file content.
  • Capability inventory: Subprocess execution of sf CLI commands and filesystem write operations.
  • Sanitization: The skill provides explicit instructions for manual XML entity encoding to prevent parsing corruption.
  • [SAFE]: The specific instructions to "STOP
  • No Further Modifications" are technical constraints designed to ensure metadata integrity during the generation process and do not represent a bypass of agent safety protocols.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 04:07 PM